Enterasys Networks Inc. announced today the Enterasys Secure Networks for Virtual Data Centers solution to assure the connectivity and compliance of virtualized computing and storage. As more organizations adopt virtualization technologies to reduce equipment, energy and cooling costs in data centers, Enterasys uniquely addresses the security, management and operations challenges these new data center technologies introduce. Authentication, authorization and audit requirements for security compliance remain essential to any new data center optimization initiatives. Enterprises worldwide want to ensure the reliability, quality of service, mobility, manageability, scalability and performance of data center information systems. Secure Networks for Virtual Data Centers delivers a way to sense and automatically respond to the dynamic mobility of virtual machines; enforce network access control policies; and comply with internal, industry or government regulations.
"Virtualization brings with it a unique set of security challenges as organizations integrate server, storage and networking priority and security policies to dramatically optimize agility, application performance and operating costs," said Mike Fabiaschi, President and CEO of Enterasys. "Enterasys Secure Networks can automatically sense and respond to data center infrastructure threats to ensure only the right users have access to the right information from the right place at the right time regardless of move/add/change activity."
"Security is often unknowingly weakened in the organizations' rush to virtualize," said Neil MacDonald, VP and Fellow with Gartner, Inc. "Virtualization, as with any emerging technology, will be the target of new security threats. Security must be 'baked in' from conception, not addressed later as an afterthought. Best practices that must be considered when deploying virtual machines include enforcing the principle of least privilege and leveraging intrusion prevention and network access control."
The key building blocks of the Enterasys Secure Virtual Data Center include:
- Security-enabled infrastructure using Matrix N-Series flow-based switches and Matrix X-Series high performance routers, providing top-of-rack, end-of-row, and network core connectivity with capacity of more than 1,000 Gigabit Ethernet or 256 Ten Gigabit Ethernet connections per rack.
- Advanced Dragon security applications for intrusion detection/prevention, network access control and security information management to automate compliance audits and reporting.
- Centralized visibility and control through NetSight management applications that enforce role-based policies and automate corrective actions.
Security is assured as only authorized users and protocols can connect to authenticated virtual machines and associated virtualized storage resources. As virtualization becomes the target of new security threats, multiple virtual services running on one physical device need to be protected within a given virtual machine as well as between them. The priority and security privileges of individual virtual machines must also be maintained as they migrate from one location/device to another to ensure business continuity or expand capacity on-demand. An Enterasys Matrix N-Series switch can discover, authenticate, and prioritize up to 1,000 virtual machines attached to a single Gigabit or 10 Gigabit Ethernet network interface. Enterasys Dragon software proactively prevents, intelligently senses and automatically responds to network security threats. Network behavioral analysis integrated with intrusion detection and prevention capabilities prevent the hosting or downloading of inappropriate or illegal content as well as the proliferation of worms or viruses. User-based and application-based Secure Networks policies save time and avoid costly errors when compared to traditional port-based and VLAN-based access control list (ACL) methods for network security and application provisioning. The end result is a self-defending data center which assures the confidentiality, integrity and availability of information.
Mobility of virtual machines and associated applications is critical to virtualization environments to ensure continuity of operations in the event of hardware failure or controlled shut-down of a server to conserve energy during low demand time periods. Enterasys Secure Networks uniquely adapt to dynamically provisioned and de-provisioned servers. Running server virtualization software on server farms connected to shared storage can also provide several advantages. By placing virtual machine virtual disks on storage area networks (SANs) accessible to all virtualized servers, virtual machines can easily migrate between servers as needed for load balancing or failover. Enterasys Matrix N-Series switches enable virtual machine mobility automatically without requiring manual reconfiguration of network interfaces on either the physical server or network device as policies dynamically adapt on-demand. Real-time location of a virtual machine and associated application services, as well as an audit history of its mobility, is available through Enterasys NetSight software.
Manageability is provided through the Enterasys NetSight suite of management applications that deliver policy-based visibility and control over virtualized data center infrastructure to ensure mission critical applications are delivered reliably. One click can equal a thousand actions as NetSight software enables organizations to manage their data center network as a cohesive whole, rather than as a disparate set of individual components.
Quality of data center services is assured as granular end-to-end QoS capabilities prioritize application traffic throughout the network using Layer 2 and Layer 3 mechanisms. Enterasys Matrix N-Series switches feature a unique ability to separately secure and prioritize each virtual machine connected to a single network interface to provide the business with granular flow-based visibility and control over individual voice, video and data conversations for each user and application.
Reliability is assured with high-availability hardware and software components of the Enterasys Matrix N-Series switches and Matrix X-Series routers whose architecture has no single point of failure. The Enterasys flow-based switching enables bandwidth aggregation and dynamic load-balancing across multi-homed connections to each physical server to ensure availability in the event of network, device or link failure; and on-demand provisioning of additional capacity. In the event of physical server or virtual machine failure, Enterasys Secure Networks support virtual machine mobility without requiring manual reconfiguration of the network or interrupting user access to information.
To learn more about Enterasys Secure Networks for Virtual Data Centers capabilities, please schedule a live demonstration at www.enterasys.com/demo.