I read an excellent article over on the Check Point Threat Prevention blog.
It discusses the new Check Point vSEC product and how it works with NSX to add that deep packet inspection technology to the SDN stack provided by NSX. This is incredibly powerful as it allows you to add the benefit of Check Point's vast array of security products to the policy driven network overlay that is NSX. Now you can do deep packet inspection and threat emulation on packets between virtual machines that live in the same subnet, all inside the hypervisor without having to bring in an outside appliance. This is going to radically improve security without the bottleneck of an external appliance having to handle all of the traffic.
Benefits of vSEC with NSX
- Addition of Check Point Threat Emulation / Threat Protection Layers to NSX Firewalled VMs.
- vSEC Policies follow NSX Policies. Newly created VMs are secure out of the gate.
- vSEC products get their protection data from the Check Point Threat Cloud.
- Fully integrated into the Check Point Software Defined Protection (SDP) Model
The article is here.
No comments:
Post a Comment