As we count down to this year’s VMworld, we’re delving into the top five must-see HyperCloud™ demos — this week we’re thinking about #4 — securing network communications for applications and virtual infrastructure to prevent data loss.
The search for speed in the software supply chain, fueled by agile methodologies and DevOps practices, has put tremendous pressure on IT organizations to move towards Mode 2 agile deployment models while enforcing security and governance. The challenge to create innovative solutions quickly leads many development teams to ignore security compliance, seeing information security as an inhibitor to DevOps agility. Network security is often the highest priority for IT organizations looking to deliver secured communications to ensure that information is moving through the data center and across clouds in a manner that minimizes risk.
HyperCloud™ delivers advanced network and security services to automate the creation of virtual private clouds (VPC), subnets, firewalls, and security groups to ensure the security of infrastructure and applications by preventing communication paths between isolated environments (e.g. Development, Testing, etc.) as well as controlling communication paths across application layers (e.g. database and application tiers). This enhances IT’s ability to deliver secured communications and ensure that information is moving through the data center and across sites in a manner that minimizes risk.
With HyperCloud™, users can provision virtual machines, connect them to each other, and isolate them from one another in a Virtual Private Cloud (VPC), delivering secure communications and reducing the organization’s exposure. Users can also define fine-grained networking policies to control inbound and outbound access to and from individual subnets using network access control lists (ACLs) and security groups. A VPC built on HyperCloud™ is a comprehensive set of managed networking capabilities, including granular IP address range selection, routes, and firewalls.
HyperCloud™ provides on-demand network security that is governed by granular entitlements and access controls.
- Network Isolation – Isolated subnets that are attached to dedicated VLANs can be created on-demand to provide secure communication for virtual machines within a subnet.
- Network Segmentation – Network segmentation is achieved by allowing users to control inbound and outbound access to and from individual subnets using network access control lists (ACLs) and security groups. For example, in a 3-tier application, a user can prevent the web server from communicating directly with the database by restricting inbound access on the database port to the application server's IP address only, which enforces segmentation between the tiers.
- Granular Entitlements – Entitlements can be applied to VPCs and subnets to ensure that only entitled users are able to provision their virtual machines to already existing subnets.
In this demo, we will cover the following:
- On-demand creation of virtual private clouds (VPC), subnets, firewalls, and security groups to ensure the security of infrastructure and applications
- Securing a WordPress application by creating security group rules which allow the webserver to respond to inbound HTTP and SSL requests from the Internet while simultaneously prohibiting the webserver from initiating outbound connections to the Internet.
- Securing a 3-tier application by provisioning a web server in a publicly accessible subnet and both the application server and database in non-publicly accessible subnets. The application server and database cannot be directly accessed from the Internet. Users can control access across the application layers using inbound and outbound packet filtering provided by network access control lists (ACLs) and security groups to enforce network segmentation.
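The security group rules described above for the WordPress web server and the 3-tier application can be checked mechanically before anything is provisioned. The following is an added example, not HyperCloud™ code or its API: the `Rule` model, the addresses, and the ports 8080 and 3306 are constructed assumptions, and security groups are assumed to be stateful and default-deny, so replies to allowed inbound requests need no outbound rule.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:               # hypothetical rule model, not a HyperCloud type
    direction: str        # "in" or "out" (new connections only; stateful)
    port: int
    cidr: str             # peer range the rule allows

# Constructed lab addresses and port, not taken from the page.
WEB, APP, DB = "10.0.1.10", "10.0.2.10", "10.0.3.10"
INTERNET = "198.51.100.7"
DB_PORT = 3306

def permits(rules, direction, peer_ip, port):
    """Default deny: traffic passes only if some rule matches it."""
    peer = ipaddress.ip_address(peer_ip)
    return any(r.direction == direction and r.port == port
               and peer in ipaddress.ip_network(r.cidr) for r in rules)

def audit(groups):
    """Return the segmentation violations in a {tier: [Rule]} policy."""
    findings = []
    for port in (80, 443):
        if not permits(groups["web"], "in", INTERNET, port):
            findings.append(f"web: inbound {port} from Internet is blocked")
        if permits(groups["web"], "out", INTERNET, port):
            findings.append(f"web: may initiate outbound {port} to Internet")
    if not permits(groups["db"], "in", APP, DB_PORT):
        findings.append("db: application server cannot reach database port")
    for name, ip in (("web server", WEB), ("Internet", INTERNET)):
        if permits(groups["db"], "in", ip, DB_PORT):
            findings.append(f"db: {name} can reach database port directly")
    return findings

HARDENED = {
    "web": [Rule("in", 80, "0.0.0.0/0"), Rule("in", 443, "0.0.0.0/0")],
    "app": [Rule("in", 8080, WEB + "/32"), Rule("out", DB_PORT, DB + "/32")],
    "db":  [Rule("in", DB_PORT, APP + "/32")],
}
# Weak variant: database port opened to the whole VPC range, web egress open.
WEAK = dict(HARDENED,
            web=HARDENED["web"] + [Rule("out", 443, "0.0.0.0/0")],
            db=[Rule("in", DB_PORT, "10.0.0.0/16")])

if __name__ == "__main__":
    for label, policy in (("hardened", HARDENED), ("weak", WEAK)):
        print(label, audit(policy) or "no violations")
```

The weak variant shows the two mistakes the demo's rules are meant to rule out: a database rule scoped to a whole address range instead of the application server's address, and an outbound rule that lets the web server open connections to the Internet.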
And you can learn even more about HyperCloud™ and how we enable transformation from virtualization at VMworld, August 27 – 31, 2017, at Mandalay Bay Resort and Casino, booth #218.
Please go to https://hypergrid.com/vmworld-2017/ for more information.
VP of Product at HyperGrid. Previously the co-founder & CEO of DCHQ, which is now HyperCloud™ Portal, the management console of HyperCloud™, providing integrated compute, storage, networking, application and container services in a full-stack offering that is delivered on premises and on a pay-as-you-go consumption model. The self-service library in HyperCloud enables self-provisioning of infrastructure, storage, network, container, and application services on HyperCloud™ as well as 15 other clouds and virtualization platforms – like VMware vSphere, OpenStack, Microsoft Hyper-V, Amazon Web Services, Microsoft Azure and others.
Prior to founding DCHQ, he was a senior product manager at VMware, where he managed strategic products in cloud management & automation for almost 3 years. He also assumed a product management role for 5 years at Oracle where he focused on application and middleware management capabilities. He holds a bachelor's degree in computer science from MIT and an MBA degree from UCLA.