Virtualization Technology News and Information
Coalfire Publishes New Benchmark Audit of VMware NSX-T Micro-Segmentation for Microservices, Containers and Virtual Machines

Coalfire, a trusted provider of independent, comprehensive cybersecurity advisory services today announced the publication of a new whitepaper that reviews the effectiveness of VMware NSX-T in providing micro-segmentation for both traditional virtualization and cloud native environments.

The whitepaper, Addressing PCI DSS with VMware NSX-T (A Micro-Audit of NSX-T Micro-segmentation for Microservices, Containers, and Virtual Machines,evaluates the effectiveness of micro-segmentation provided by NSX-T for securing both virtual machines (VMs) and containers orchestrated by Kubernetes (K8s). This audit is a follow on to the 2016 Micro-Segmentation Benchmark Report that evaluated VMware NSX micro-segmentation capabilities to enable a Zero Trust model in native vSphere environments.

Coalfire found that the NSX-T was capable of micro-segmentation of pods within the container environment. This micro-segmentation capability, like that found with VMware NSX for vSphere with VMs, enables security policy with granularity down to the individual VM and/or container. Pertaining specifically to Payment Card Industry Data Security Standards (PCI DSS), NSX-T is sufficient for providing recommended network segmentation for scope reduction where VMs, pods and containers in Cardholder Data Environments (CDEs), along with their associated transport zones, can be segmented from non-CDE VMs, pods and containers.

Additionally, the micro-segmentation capabilities of NSX-T were effective for providing granular security control in support of a Zero Trust network model for assets within the CDE. Moreover, the NSX-T distributed firewall could support PCI DSS 3.2 firewall requirements for CDE.

"Development of applications in containers is on the rise. Having a service such as VMware NSX-T to aid segmentation in isolating CDE from non-CDE assets meets the intent of PCI DSS 3.2 compliance, so organizations can leverage the agility that containers provide," said Chris Krueger, managing principal, Cyber Engineering.

The whitepaper, "Addressing PCI DSS with VMware NSX-T (A Micro-Audit of NSX-T Micro-segmentation for Microservices, Containers, and Virtual Machines)" is available for download from the VMware website.  Coalfire is recognized and respected as one the country's leading independent compliance and cybersecurity testing facilities. The white paper on VMware NSX-T contains example use cases for deployments and measures the security performance of NSX-T against the detailed requirements of the PCI DSS standard.

Published Tuesday, December 19, 2017 10:25 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2017>