Virtualization technology is fueling a significant change in today’s data centers, resulting in architectures that are commonly a mix of traditional and private cloud computing environments. For the purposes of this discussion, private cloud means that you manage the entire virtualization infrastructure, from the components to the applications. While the benefits of a private cloud are well known and significant, so too are the security challenges, exemplified by recent high-profile data breaches. Whether stored in a physical data center or in a public, private or hybrid cloud, your data is the cybercriminal’s target.
A private cloud enables your data center to evolve from a fixed environment, where applications run on dedicated servers, toward an environment that is dynamic and automated, where pools of computing resources are available to support application workloads that can be accessed anywhere, anytime, from any device. Yet security remains a challenge when you embrace this new dynamic, cloud computing environment. Many of the principles that make cloud computing attractive run counter to network security best practices.
Our VM-Series is a virtualized implementation of the next-generation firewall and advanced threat prevention features found in our physical form factor appliances. The VM-Series allows you to protect your private cloud infrastructure, and the data within it, using application-centric security policies.
Applying next-generation security to virtualized environments
The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These are then used as integral components of your security policy, resulting in an improved security posture and a reduction in incident response time.
Isolate mission-critical applications and data using Zero Trust principles
Security best practices dictate that your mission-critical applications and data should be isolated in secure segments using Zero Trust (never trust, always verify) principles at each segmentation point. The VM-Series can be deployed in your cloud environment, allowing you to protect east-west traffic between VMs at the application level.
Block lateral movement of cyberthreats
Today’s cyberthreats will commonly compromise an individual workstation or user and then move across the network, looking for a target. Within your virtual network, cyberthreats will move laterally from VM to VM, in an east-west manner, placing your mission-critical applications and data at risk. Exerting application-level control between VMs using Zero Trust principles will reduce the threat footprint while applying policies to block both known and unknown threats.
Automated, transparent deployment and provisioning
A rich set of APIs can be used to integrate with external orchestration and management tools, collecting information related to workload changes, which can then be used to dynamically drive policy updates via Dynamic Address Groups and VM Monitoring.
Centrally manage virtualized and physical form factor firewalls
Panorama™ network security management enables you to manage your VM-Series deployments, along with your physical security appliances, thereby ensuring policy consistency and cohesiveness. Rich, centralized logging and reporting capabilities provide visibility into virtualized applications, users and content.