Contact Us

|

Careers

|

Change Locale
close

vROPs and NSX unlikely heroes in security and Compliance: Part 1

Servers, Storage and Networking | Posted on October 29, 2015

This is Part 1 of a 2-part series. Read Part 2 here.

Softchoice VMware expert David Schwartzstein shows us how VMware products vROPs and NSX are the unlikely heroes that will improve the monitoring and maintaining of security in your IT environment. In this first post, David reveals how invested VMware is in security, and how to benefit from their security expertise.

Chances are, if you work with data center technology, you’re familiar with VMware. “Yeah, they’re the server virtualization company,” is likely the first thought to come to mind.  VMware is most well known for virtual machines for  good reason: 100% of all Fortune 1000 companies and the vast majority of small and medium businesses virtualize their servers with VMware products.

Did you know VMware also does security?
You may trust VMware to be a relatively secure platform, but I bet you don’t think of VMware when considering security services. When you think of security vendors, you’re thinking Cisco, Fortinet, Symantec, Trend Micro or McAfee (now Intel Security). If VMware crosses your mind it’s probably not near the top of the list.

Over the past couple of years, VMware has been fairly active in encouraging vSphere customers to adopt vRealize Operations (vROps), which was formerly known as vCenter Operations Manager (vCOps). The bulk of the marketing around vROps has been around its usage as a tool to provide a virtualized data center administrator with proactive health checking, monitoring, alerting, and capacity planning functionalities without much (if any) emphasis on its usage as a security compliance auditing and enforcement tool.

Use vRealize Operations Enterprise as a vigilant security guard
vRealize Operations Enterprise edition is a robust offering for monitoring and maintaining security best practices. vROps Enterprise has functionality to evaluate both the VMware vSphere ESXi hypervisor as well as installations of common operating systems, such as Microsoft Windows or Linux (regardless of whether they’re being run within a VM or on a physical host), against VMware best practices security hardening guidelines as well as guidelines provided by compliance regulations such as HIPAA, SOX, and PCI DSS.

This evaluation will detail areas of non-compliance and provide advice on how to remediate such areas. For continuous compliance, vROps Enterprise can be configured to detect configuration changes that cause a vSphere host or operating system instance to drift away from compliance and provide an alert to administrators.

Avoid hefty compliance fines
Usage of vRealize Operations Enterprise can help administrators demonstrate due diligence towards compliance maintenance by providing continuous audit capabilities. Many regulatory compliance laws cite hefty fines, and many insurance companies refuse to cover losses in situations where organizations are unable to prove due diligence of their security practices. With that in mind, it makes the costs of adding vROps Enterprise to an environment very quickly outweighed by the potential costs of lost intellectual property and business information from a preventable security breach.

If you like David’s posts, read his other posts. And feel free to reach out to him directly and say hi! To learn more about a specific product, leave a comment, reach out to your Softchoice Account Manager or vmware@softchoice.com.

Read Part 2 of this series now.

Related Articles

Cloud | August 19, 2019 by Softchoice Advisor

VMworld is the marquee VMware event of the year. The conference showcases the technology and solutions providers that are transforming the IT landscape. From mobility and the cloud to networking and security – VMworld offers a glimpse of what’s happening in IT now – and what’s coming next. The annual US conference kicks off in […]

Cloud | July 31, 2019 by Scott Mathewson

Most companies today use at least one cloud provider in some capacity.  Within two years, 92% of companies will be using two or more. This hybrid cloud world is forcing traditional data center design to evolve. The rise of hyper-converged systems and software-defined everything requires businesses to reevaluate traditional network and security designs to take […]

It’s fairly obvious that IBM’s POWER9 processors are, well, powerful. Staggeringly powerful. The evidence is straightforward: the Department of Energy’s Summit is the world’s fastest supercomputer, and it runs on POWER9 cores. Every day, Power Systems advance the frontiers of science on behalf of the world’s leading superpower. However, if you’re not the world’s leading […]