Chapter Goal: Give the readers an understanding of the current security firewall architecture and why it is not able to meet new threats.
No of pages: 20
Sub - Topics:
1. Why we need firewall rules.
2. Different firewall types.
3. Perimeter firewall Architecture.
4. Perimeter Firewall shortcomings.
5. How vulnerabilities in security architecture can be misused.
Chapter 2: Micro-segmentation and Zero Trust
Chapter Goal: Teach the readers what new security features VMware NSX brings and how it solves the current issues.
No of pages: 20
Sub - Topics:
1. Network virtualization changes everything.
2. VMware NSX and security features.
3. Protecting East-West traffic with Micro-segmentation.
Chapter 3: Implementing VMware Micro-segmentation
Chapter Goal: Learn about implementing VMware NSX with micro-segmentation.
No of pages: 30
Sub - Topics:
1. Prerequisites for implementing Micro-segmentation
2. Different methods for analyzing East-West traffic
3. Micro-segmentation planning with VMware Network Insight
4. Implementing VMware distributed firewall.
5. Creating Virtual Perimeter firewall in VMware NSX
Chapter 4: Automating Security Policies with NSX
Chapter Goal: Teach readers different options with VMware NSX to automate the security rules and policy creation.
No of pages: 20
Sub - Topics:
1. Working with Service composer
2. NSX REST API for automating firewall rules
3. Quarantining infected machines with Security policies
Chapter 5: Monitoring Firewall logs
Chapter Goal: Teach readers how to monitor firewall logs using VMware Log Insight
No of pages: 20
Sub - Topics:
1. Implementing VMware Log Insight.
2. Adding VMware NSX logs to Log Insight.
3. Filtering and tagging NSX Firewall logs.
4. Analyzing security threats and flows deeply with Log Insight.
Chapter 6: Integrating Third-Party IPS/IDS
Chapter Goal: Readers will learn how to integrate third-party IDS/IPS tools with VMware NSX
No of pages: 15
Sub - Topics:
1. Integrating Trend Micro with VMware NSX
Chapter 7: Bird's-Eye View of Final Security Architecture
Chapter Goal: Give readers an overall understanding of what we have done so far and how the new architecture solves the previous issues.
No of pages: 25
Sub - Topics:
1. Packet flow with VMware NSX Micro segmentation
2. Thwarting different Attack scenarios.
Chapter 8: Further Improvements with VMware Air Watch
Chapter Goal: Readers will learn how VMware Air Watch can further improve the architecture.
No of pages: 20
Sub - Topics:
1. VMware Air Watch and security
2. VMware Air Watch with NSX: advantages
3. Conclusion
Sreejith Keeriyattil is a VMware certified vExpert and a VMware NSX certified professional with more than 10 years of experience with VMware technologies. He specializes in network/storage in the cloud and data center, and is an expert in implementing software-defined networks with VMware NSX. Sreejith is presently working with Ericsson, India as Senior Solutions Integrator, where he oversees the design, configuration, and deployment of the OpenStack-based cloud. He also documents his experience with the VMware stack through his blog, stackguy.com.
Secure your VMware infrastructure against distrusted networks using VMware NSX. This book shows you why current security firewall architecture cannot protect against new threats to your network and how to build a secure architecture for your data center.
Author Sreejith Keeriyattil teaches you how micro-segmentation can be used to protect east-west traffic. Insight is provided into working with Service Composer and using NSX REST API to automate firewalls. You will analyze flow and security threats to monitor firewalls using VMware Log and see how Packet Flow works with VMware NSX micro-segmentation.
The information presented in Zero Trust Networks with VMware NSX allows you to study numerous attack scenarios and strategies to stop these attacks, and know how VMware Air Watch can further improve your architecture.
You will:
Know how micro-segmentation works and its benefits
Implement VMware-distributed firewalls
Automate security policies
Integrate IPS/IDS with VMware NSX
Analyze your firewall's configurations, rules, and policies