Blog

Invisible Infrastructure and the ability to add Invisible Security

By Raghu Nandan

To Cloud or Not to Cloud?

A hard choice facing organizations and their CIOs today is the decision between continuing to invest in on-premises data centers, embracing outsourced cloud resources, or a combination of both. There are pros and cons of each option, including potential complications of migrating legacy apps, the need to support next-gen, “cloud-first” apps, and the concern of “lock-in” on a single approach. One compromise between on-prem vs. off-premise is moving to private cloud – referring to the design and management of virtualized data centers in a cloud-like manner, offering the high administrative densities and operational simplicity that haven’t been possible with traditional data center designs.

Nutanix, and our promise of the “invisible infrastructure” (just works, without constraints, while eliminating guesswork), has been significant in helping organizations achieve their consolidation goals in a simpler way, and we’re thrilled with each new story we hear about IT teams having their weekends and family time back, without the need of long maintenance and update windows, firmware upgrades and outage planning, and just reacting to infrastructure issues. Gradually, we’re seeing a realization of these benefits not just as specific projects for Nutanix, but also as a complete data center “re-platforming” – blurring the lines between on-premises and off. The more on-prem data centers can behave like public cloud providers (i.e. on-demand resources, linear scale-out almost to infinity, bite-sized expansion costs, rapid provisioning, easy management, etc.), the easier an organization’s choice can become on the best approach for their business goals.

The Cloud Security Challenge

However, as simple as Nutanix makes infrastructure within data centers, the changing nature of applications and services designed for this cloud-ready world also means a significant disruption in how security now must be designed and enforced. Traffic patterns in this new world have changed from the traditional north-south orientation, to a lot more inter-VM east-west pattern. These internal flows create protection gaps inside the data center, for traffic never seen by perimeter security solutions.

Invisible Security for Invisible Infrastructure

This is precisely why Nutanix is partnering with vArmour for this evolving world: to extend the premise of invisible infrastructure into “invisible” security. vArmour DSS Distributed Security System allows for rapid creation of network sub-segments (micro-segments really, because these are on-demand segments for a group of VMs which can be as small as just a single VM!). vArmour DSS wraps security controls around these individual workload groupings, providing granular and pervasive security in this incredibly agile world of hyper-converged, private clouds.

vArmour applies the same web-scale principles that are so near and dear to Nutanix, and brings them to the security world, to better protect the next-gen data center. The central vArmour DSS controller, called the Director, is able to spin up a multitude of distributed enforcement points (referred to as EPs) on every Nutanix node, allowing for massively distributed network visibility and policy enforcement capabilities that aren’t constrained by the typical drawbacks of hardware-based security solutions. For example, vArmour DSS is 100% software and independent of underlying infrastructure – so the protections wrapped around every VM running on Nutanix can travel with these workloads as they move throughout the data center, something that cannot be done by static perimeter security.

At Nutanix, we are excited to be working with vArmour to offer this new way of building out secure infrastructure more easily. Our partnership makes private cloud build-out faster, cheaper and safer, allowing organizations to bridge the gap between on-premises infrastructure and off-premise cloud services. More importantly, together, vArmour and Nutanix make one decision of IT professionals, from a list of far too many already, much easier to make.

Join Tony and I during our webinar on Tuesday, September 29 at 10am PST to learn more about the integration between Nutanix and vArmour today and also a preview of future opportunities together. Register now.