Integration with VMware
Catbird and VMware® are working together to help enterprises visualize and secure their virtual network and server components. Catbird works with VMware’s server virtualization platform (vSphere® and its ESX® hypervisor) and VMware’s network virtualization platform (NSX®). Catbird also supports VMware’s firewall technologies (vCNS firewall app and the NSX Distributed Firewall) as part of Catbird Secure.
VMware Server Virtualization
Through seamless integration with VMware hypervisors, Catbird provides a centralized management point for network security across multiple vCenters. Providing the highest level of visibility and control over network and hypervisor security, Catbird supports all releases of VMware vSphere and its hypervisor ESXi.
VMware Network Virtualization
VMware NSX (network virtualization platform) is part of VMware's software-defined data center concept. Network virtualization abstracts network operations from the underlying hardware onto a distributed virtualization layer, much like server virtualization does for processing power and operating systems. With NSX, VMware customers can quickly provision and configure their network requirements, including security. Provisioning Catbird along with NSX boosts the virtualization ROI by enabling advanced security and compliance enforcement and leveraging the full power of the software-defined network (SDN).
“Security and compliance are essential requirements in the accelerated adoption of private clouds. Catbird and VMware are teaming to deliver ... new levels of agility, accuracy and scalability to security in the data center.” Hatem Naguib, Vice President, Cloud Networking and Security, VMware
NSX enables network controls in a multi-tenant environment by allowing for overlapping IP addresses, which translates to higher consolidation ratios. NSX also provides for more and better network controls. With NSX, customers are able to:
- Monitor and control VXLAN encapsulation that hides inter-VM traffic from non-NSX based inspection.
- Monitor and control duplicate IP addresses common on VMware systems and multi-tenant systems.
Delivering firewall orchestration, virtual infrastructure monitoring (including policy enforcement), IDS and IPS, vulnerability scanning, NAC and NetFlow to VMware, Catbird’s integrated security controls provide the highest level of seamless security and compliance enforcement required by regulated organizations.
Using Catbird Insight, organizations can prepare a smooth migration towards micro-segmentation using NSX. You start by defining Catbird TrustZones in your existing ESX environment. One Catbird TrustZone for each micro-segment you want to deploy in NSX. Once defined, the visualization and analytics capabilities of Catbird Insight allow you to see interactions between the micro-segments and define a baseline of what traffic should be allowed. Based on this baseline technical controls like ACLs and IDPS policies can be defined and tested, all of this still in the existing environment. Once fully vetted and fine-tuned, workloads can be migrated to an NSX environment. Using this methodology you are sure that the new micro-segmented environment in NSX is running based on fine-grained proven security policies.
VMware Virtual Firewalls
Firewalling is one of the most important functions in every security architecture. When configured properly based on a strong security policy or compliance framework (e.g. PCI DSS), firewalling dramatically strengthens the security posture. Catbird offers virtual firewall orchestration of VMware vCloud Networking and Security (vCNS) Firewall App, automatically configuring and dynamically updating firewall controls. As part of NSX Catbird also supports the NSX Distributed Firewall, a hypervisor kernel-embedded firewall that provides visibility and control for virtualized workloads and networks.