
Firefly for Software-defined data center (SDDC)

By Erdem posted 09-04-2014 10:55

  

Background: In today’s world, data center virtualization has enabled the agility and elasticity that accelerate the delivery of infrastructure: networking, storage, and compute. However, the penetrable nature of the cloud also exposes the network to serious security issues. As services become more mobile and cloud focused, security services need to adapt to this dynamic environment to deliver security for communications within the virtualized data center.

 

Security Issues in SDDC: An SDDC (software-defined data center) is a data center where all the infrastructure is virtualized and delivered as a service. In an SDDC, the whole data center is controlled by a single layer of virtualization, and all of the data center's resources are abstracted and automated. The processing capacity of each host is increased, and processing loads are shared and moved among all hosts, which significantly increases the amount of traffic. Traditional physical switching and routing devices create a tangled route that slows down the traffic and may not detect all the security issues within the virtual infrastructure. So it is a wise idea to consider a virtual appliance, which will reduce latency and optimize performance.

 

Some of the key security challenges in SDDC are the lack of visibility into East-West (virtual machine to virtual machine) traffic and the lack of dynamic security (security not keeping pace with the rate of application provisioning). Other network security issues include undetected and uncontained malware outbreaks or insider attacks in the virtual environment, and the inability to enforce policies that isolate VMs and prevent VM sprawl.

 

Firefly for SDDC: Firefly addresses many of these security threats by providing next-generation security features such as anti-virus/anti-spam, IDP, web filtering and an intrusion prevention system, all of which are included in the Unified Threat Management (UTM) solution. The UTM solution allows an administrator to manage a wide variety of security issues through a single management console. Junos Space Security Director supports centralized management and offers administrators a simple way to create a series of security policies that control the traffic within and between zones, or even between VMs. These dynamic security policies understand the context of the virtual machines in the data center. Firefly also supports Junos Space Virtual Director, an intelligent, automated VM life cycle management application which easily scales VMs to meet dynamic demand. Firefly provides rich connectivity features based on the powerful Junos foundation, including routing, NAT and VPN.

 

SDDC Use Case for Firefly: A very common use case in SDDC is to segregate the guest VMs and provide advanced protection across tiers. Firefly fits this use case because it can segment the VMs; once the VMs are segmented, they are connected via VPN. Firefly also offers multiple layers of defense to protect against any kind of malware and other advanced security threats.

 

Conclusion: Juniper’s Firefly solution improves performance, lowers latency, and provides end-to-end security in virtualized data centers. Firefly scales easily to data centers of any size, so that organizations can attain the full agility and efficiency of a data center.