Most of the time, we don’t really pay much attention to VMware NSX. It’s cool stuff, but it’s just not our area. However we will look at it today because VMware is announcing that NSX network micro-segmentation can be combined with AirWatch EMM (VMware announced micro-segmentation in conjunction with virtual desktops earlier this year in Horizon 6.1.) I talked to Noah Wasmer to learn more.
In enterprise mobility management, we often talk about the concept of per-app VPNs and mobile app management. These help separate work and personal apps and data on mobile devices, protect user privacy, and keep unwanted traffic out of corporate networks.
Network micro-segmentation can be thought of as the data center counterpart to per-app VPNs and MAM. The endpoint—whether it’s a secure mobile browser or an app using various types of MAM—only gets access to the specific network resources it needs, and can’t even see anything else. This main reason to do this is for the obvious security benefits.
Doing all of this with traditional network access controls would be time-consuming, but of course with NSX and all of VMware’s software-defined data center technology the micro-segmentation can be done instantly on demand.
Coordinating everything requires a strong identity management component that can go between AirWatch and NSX, but Noah told me that both sides can leverage the identity management capabilities in the Horizon Workspaces Portal.
It’s great to see what VMware is able to do by bringing together end user computing and data center technologies. However, implementing this at almost any company would involve two different teams (or even more, when you consider the that the desktop people for the Horizon side, the mobile people, the networking people, and the server people all have to be involved). That’s a lot of parties that have to be “in the know” about everything. With the new skill sets and time involved, companies might be reluctant to change. Despite that, this is interesting technology and clearly the way of the future, so good for VMware for bringing it to us.