Virtualized Security Services
Addressing security and compliance issues is considered the biggest obstacle to making applications and services cloud-ready. Cyber threats are becoming more sophisticated. Multi-site cloud networks, especially those hosted by public providers, are becoming more complex. Security policy automation has been nearly impossible until now.
To bring applications and services into the cloud, you need a security approach designed to handle:
- Accelerating rate of change. Cloud architectures are dynamic, making the maintenance of fixed security measures (such as ACLs) cumbersome and expensive.
- Increasing complexity. Legacy applications communicate “north-south.” Modern cloud applications leverage multiple networking layers that communicate along unsecured “east-west” data paths.
- Increasingly sophisticated and persistent attacks. Hacking is increasingly performed by motivated professionals. These people have financial or other incentives to compromise the network, even if the penetration takes months to accomplish.
Choose an SDN platform that is unmatched for security services and automation
Nuage Networks VSS is the first distributed, end-to-end (cloud, DC, branch) solution for network security, visibility and security automation. Built on our proven SDN platform, VSS lets you automate IT tasks for security policy protection and remediation to support an on-demand cloud environment.
VSS is part of our open platform, which supports a large ecosystem of security, networking and monitoring solutions.
How we help you
Traditional network security solutions deliver security within a particular enterprise network, either at the network perimeter or within the cloud or datacenter. VSS is the industry’s first distributed, end-to-end (cloud, datacenter, branch) software-defined network security, visibility and security automation solution.
- Prevent security incidents by minimizing attack surface with software-defined segmentation and policy enforcement across cloud, data center and branch
- Detect security threats and monitor compliance with contextual network visibility and security analytics
- Respond in near-real time to incidents by dynamically automating security remediation processes
VSS works across heterogeneous workload types, including virtual machines (VMs), containers and bare-metal servers, as well as any existing IP underlay network across hardware platforms.
Key features and benefits
Microsegmentation to protect any workload in the datacenter
VSS includes an embedded Layer 2 to Layer 4 stateful distributed firewall. This firewall helps you enforce security policies and steer traffic to advanced security devices such as next-generation firewalls, intrusion prevention systems (IPS) and anti-virus solutions.
End-to-end segmentation to control access from branch offices to applications in the cloud
We provide a single policy automation platform that supports tenant isolation and network segmentation from core networks and datacenters to remote sites. This platform lets you extend a consistent approach to access control across your entire cloud.
Contextual flow visualization and application flow mapping
VSS simplifies compliance auditing by allowing you to visualize traffic flows with SDN context both within datacenters and between datacenters and remote sites.
Virtual network security monitoring
VSS gives provides security dashboards and alerts based on access control lists (ACLs). It also provides traffic analytics, including policy-based mirroring of selected traffic to security analytics and IPS appliances.