Security for Hyper-Converged Solutions: Dell EMC VxRAIL Appliances - VMware vSAN Readymades with VMware NSX-V

Version 3

    Author: Humair Ahmed, Networking and Security Business Unit

     

    Acknowledgements to the following for reviewing and providing feedback to various sections of the document: Nimish Desai, Justin King, Vuong Pham

    Please send all feedback/questions to Humair Ahmed at  hahmed@vmware.com.

     

     

    VMware NSX-V provides an enhanced security model that aligns with the converged architecture of VxRAIL and provides for a minimal footprint, integrated security solution within the VxRAIL appliance. NSX-V provides for micro-segmentation by applying security policies at the vNIC-level of workloads and providing for a highly secure segmented data center. Additionally, NSX-V allows for use of security policies based on higher level constructs such as VM name and security tag. By leveraging NSX-V for security, VxRAIL users can easily provide micro-segmentation for applications, secure/isolate different tenant workloads, provide enhanced security for VDI deployments, and easily create DMZ environments.

     

    This documents is targeted towards those interested in the benefits NSX-V provides in terms of security for VxRAIL hyper-converged appliances and how NSX-V security can be deployed and used on VxRAIL. The document covers the following:

     

    - Traditional security and architecture challenges,

    - NSX-V Security and Micro-segmentation

    - Hyper-converged architecture with NSX-V for security

    - Use cases for VxRAIL with NSX-V security

    - NSX-V security architecture

    - NSX-V security deployment on VxRAIL

    - Consuming NSX-V security on VxRAIL