can security server help the internal security?

niceguy001 · ‎08-15-2017

actually,

i do know that several documents already described the functions of security server, for example, this one.

i'm still wondering that since the security server is DMZ-based service and resides in the DMZ,

can the security server combine the NSX micro-segmentation to enhance the internal security of VDI?

or it is just simply created for filtering malicious connections from external network to VDI?

it never help on securing each virtual desktop VMs...?

Magneet · ‎08-16-2017

It only helps creating a secure connection to a desktop and it indeed will not create extra security for the desktops themselves.

markbenson · ‎08-17-2017

Security Server is commonly deployed in the DMZ to support remote access. It is now largely replaced by VMware Unified Access Gateway.

Both are for securing remote access, not to support micro segmentation. That is implemented separately.

vasan22in · ‎08-17-2017

Hello niceguy001,

Yes. You are correct its's simply created for filtering malicious connections from external network to VDI. It will not secure your VDI.

If you want micro-segmentation, NSX needs to install and configure various firewall rules,security policies and groups in service composer.

Thanks,

Srini

Please consider marking this answer "correct" or "helpful" if you think your query have been answered correctly. Thanks, Srini