Nov 27 -- Enterasys Networks Inc. announced Monday the Enterasys Secure Networks for Virtual Data Centers solution to assure the connectivity and compliance of virtualized computing and storage. As more organizations adopt virtualization technologies to reduce equipment, energy and cooling costs in data centers, Enterasys addresses the security, management and operations challenges these new data center technologies introduce.
Authentication, authorization and audit requirements for security compliance remain essential to any new data center optimization initiatives, Enterasys of Andover, Massachusetts, said. Enterprises worldwide want to ensure the reliability, quality of service, mobility, manageability, scalability and performance of data center information systems. Secure Networks for Virtual Data Centers delivers a way to sense and automatically respond to the dynamic mobility of virtual machines, enforce network access control policies, and comply with internal, industry or government regulations, the company said.
A private investor group led by The Gores Group LLC and Tennenbaum Capital Partners LLC owns Enterasys Networks. Enterasys' Secure Networks solutions secure any network to ensure the confidentiality, integrity, availability and performance of IT services and the business users that rely on them. Thousands of companies, government agencies and educational institutions in more than 70 countries rely on Secure Networks solutions to maintain business continuity and protect vital information, the company said. Enterasys' architectural approach to network security offers a long technology lifecycle and significant operational and business benefits, while reducing total cost of ownership (TCO), it added.
Virtualization brings with it a unique set of security challenges as organizations integrate server, storage and networking priority and security policies to optimize agility, application performance and operating costs, Enterasys said. Enterasys Secure Networks can automatically sense and respond to data center infrastructure threats to ensure only the right users have access to the right information from the right place at the right time regardless of move/add/change activity, it said.
Security is often unknowingly weakened in organizations' rush to virtualize, Gartner Inc. of Stamford, Connecticut, said. Virtualization, as with any emerging technology, will be the target of new security threats. Security must be 'baked in' from conception, not addressed later as an afterthought. Best practices that must be considered when deploying virtual machines include enforcing the principle of least privilege and leveraging intrusion prevention and network access control, Gartner added.
The key building blocks of the Enterasys Secure Virtual Data Center include security-enabled infrastructure using Matrix N-Series flow-based switches and Matrix X-Series high performance routers, providing top-of-rack, end-of-row, and network core connectivity with capacity of more than 1,000 GbE (Gigabit Ethernet) or 256 10 GbE connections per rack, Enterasys said. The other components of the Enterasys Secure Virtual Data Center include advanced Dragon security applications for intrusion detection/prevention, network access control and security information management to automate compliance audits and reporting, and centralized visibility and control through NetSight management applications that enforce role-based policies and automate corrective actions, the company said.
Security is assured as only authorized users and protocols can connect to authenticated virtual machines and associated virtualized storage resources, Enterasys said. As virtualization becomes the target of new security threats, multiple virtual services running on one physical device need to be protected within a given virtual machine as well as between them. The priority and security privileges of individual virtual machines must also be maintained as they migrate from one location/device to another to ensure business continuity or expand capacity on-demand, the company said.
An Enterasys Matrix N-Series switch can discover, authenticate, and prioritize up to 1,000 virtual machines attached to a single Gigabit (Gb) or 10 GbE network interface, Enterasys said. Enterasys Dragon software proactively prevents, intelligently senses and automatically responds to network security threats. Network behavioral analysis integrated with intrusion detection and prevention capabilities prevents the hosting or downloading of inappropriate or illegal content as well as the proliferation of worms or viruses, it said.
User-based and application-based Secure Networks policies save time and avoid costly errors when compared to traditional port-based and VLAN (virtual local area network)-based access control list (ACL) methods for network security and application provisioning, Enterasys said. The end result is a self-defending data center, which assures the confidentiality, integrity and availability of information, it added.
Mobility of virtual machines and associated applications is critical to virtualization environments to ensure continuity of operations in the event of hardware failure or controlled shutdown of a server to conserve energy during low demand time periods, Enterasys said. Enterasys Secure Networks adapt to dynamically provisioned and de-provisioned servers, it said.
Running server virtualization software on server farms connected to shared storage can also provide several advantages, Enterasys said. By placing virtual machine virtual disks on storage area networks (SANs) accessible to all virtualized servers, virtual machines can easily migrate between servers as needed for load balancing or failover, it added.
Enterasys Matrix N-Series switches enable virtual machine mobility automatically without requiring manual reconfiguration of network interfaces on either the physical server or network device as policies dynamically adapt on-demand, Enterasys said. Real-time location of a virtual machine and associated application services, as well as an audit history of its mobility, is available through Enterasys NetSight software, the company said.
Manageability is provided through the Enterasys NetSight suite of management applications that deliver policy-based visibility and control over virtualized data center infrastructure to ensure mission critical applications are delivered reliably, Enterasys said. One click can equal a thousand actions as NetSight software enables organizations to manage their data center network as a cohesive whole, rather than as a disparate set of individual components, it added.
Quality of data center services is assured as granular end-to-end QoS (Quality of Service) capabilities prioritize application traffic throughout the network using Layer 2 and Layer 3 mechanisms, Enterasys said. Enterasys Matrix N-Series switches feature a unique ability to separately secure and prioritize each virtual machine connected to a single network interface to provide the business with granular flow-based visibility and control over individual voice, video and data conversations for each user and application, the company said.
Reliability is assured with high-availability hardware and software components of the Enterasys Matrix N-Series switches and Matrix X-Series routers whose architecture has no single point of failure, Enterasys said. The Enterasys flow-based switching enables bandwidth aggregation and dynamic load balancing across multi-homed connections to each physical server to ensure availability in the event of network, device or link failure, and on-demand provisioning of additional capacity. In the event of physical server or virtual machine failure, Enterasys Secure Networks support virtual machine mobility without requiring manual reconfiguration of the network or interrupting user access to information, the company said.