Enhance your Enterprise’s Security with our SDN

Trust Software Defined Networking to fill critical security gaps within the datacenter.

The Challenge

Network security is becoming more challenging in cloud environments. You need a security approach designed to handle:

  • Accelerating rate of change. Cloud architectures are dynamic, making the maintenance of fixed security measures (such as ACLs) cumbersome and expensive.

  • Increasing complexity. Legacy applications communicate “north-south”. Modern cloud applications leverage multiple networking layers that communicate along unsecured “east-west” data paths.

  • Increasingly sophisticated and persistent attacks. Hacking is increasingly performed by motivated professionals. These people have financial or other incentives to compromise the network, even if the penetration takes months to accomplish.

Why our SDN Is Unmatched for Network Security

Fills critical network security gaps within a cloud datacenter

Nuage Network’s SDN products enforce security for virtual machines (VMs) and applications at the first connection point of the network, minimizing vulnerabilities. It also uniquely secures critical, and largely unprotected, intra-datacenter (east-west) traffic.

Maximizes security for complex applications

Our SDN architecture maximizes security even for today’s complex web-based applications (such as multi-tiered with interstitial firewalls) and new programming constructs such as containers.

Allows you to choose the best control models for each physical and logical construct

Rather than a ‘one-size-fits-all’ approach, fine-grained controls, including the Nuage Networks vSwitch and robust security policies, allow you to tailor security requirements to the department, network, application, container or VM.

How We Help You

Nuage Networks Virtualized Services Platform (VSP) is a non-disruptive overlay to existing virtualized and non-virtualized network resources. Because all components are virtualized, you don’t need any purpose-built networking hardware. The tie to a physical network element is replaced with a set of required network attributes. Similar to how cell phones preserve their attributes while in roaming mode, our SDN products preserve the network attributes (required network settings including security) no matter where the workload is placed. Nuage Networks VSP provides full network roaming capabilities for all your workloads.

Nuage Networks VSP provides a critical ingredient in cloud environments — universal and consistent security policies and enforcement at a fine-grained level. Beginning with a Zero Trust security model by default, any security model can be implemented, from micro-segmentation at the VM level all the way up to application-level controls. Security policies are defined in business terms using declarative policies (such as “You MUST use HTTP Authentication when accessing this application”) rather than rigid controls based on ever-changing IP addresses.

The Virtual Services Controller provides control plane coordination (as indicated by the dotted line) among one-to-many Virtual Routing and Switching (VRS) components. The VRS data plane component includes an embedded virtual switch (vSwitch) and a firewall.

Starting at the initial network connection point, VMs and applications are fully secured and isolated. VM-to-VM network traffic is secured both within a rack and between racks.

Security is defined both with a single, unchangeable master policy and dependent policies. Leveraging these policies, VMs can move automatically within and across datacenters in a completely automated fashion. Nuage Networks ensures the VM’s metadata (network and security settings) are preserved and moved with the application or VM. When the application or VM boots, Nuage Networks VSP is triggered and takes the appropriate action(s). Service chaining capabilities allow complex, multi-step processes (such as enabling cascading security checks down multiple firewalls) to be automated. Granular tracking provides the detailed source data needed for auditing, threat detection, and problem investigation.

Hackers frequently take advantage of the lack of network security within a datacenter. Nuage Networks VSP addresses multiple security gaps, reducing hackers’ abilities to attack the cloud datacenter.

Enhancing and streamlining security within the datacenter
Enhancing and streamlining security within the datacenter

Major benefits

Consistent security. Security is applied top down, consistently, efficiently and automatically. Our policy approach eliminates manual errors and ensures VM and application mobility doesn’t compromise security.

No more security gaps. You can enforce security for VMs and applications starting at the first connection point to the network. Our products also uniquely secure intra-datacenter traffic. Critical network security gaps within the datacenter are eliminated.

Empowers investigations. Nuage Networks VSP gathers and stores detailed network event data. You can use this granular data to resolve any security issues.

Proof Positive

A news publisher improves security and unifies management across private clouds

A leading international business and financial news publisher has over 3,000 developers working at over 100 sites, serving 192 countries. Multiple private clouds were being discretely managed due to a number of factors, including different trust models. Leveraging Nuage Networks Software Defined Networking products, the publisher built a unifying network management cloud that securely communicates among public and private clouds both within and among datacenters. The unified management cloud supports different trust models, enables secure app-to-app communication, and delivers policy automation efficiencies.