This is the coolest thing I’ve seen all week. The RSA crew, the VMware security team, and the Nexus 1000v folks have been working together for a while, and things are starting to come out that are REALLY REALLY cool.
This example shows the power of vSphere, VMsafe, vShield Zones, and the Nexus 1000v and RSA Data Loss Prevention mashed up together.
Imagine being able to not only group VMs into zones and apply firewall-type rules (IP address, VLAN, ports, etc.), but also content rules (like PCI and PII standards – but literally almost any content) that govern what is allowed to flow across those zone boundaries. This allows you to say things like: “don't let any info with a credit card number or patient number or social security number leak out of here”.
Well - here it is, at the RSA conference:
At the end of the video, they literally intercept an email leaving the vShield Zone based on content against the content policy – no agents, no span port sniffing, just listening at the vSphere layer, coupled with the Nexus 1000v. Is that worth an EE+ upgrade for you?
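A minimal sketch of the idea described above, a zone-boundary decision that combines a firewall-type rule with a content rule. This is an added illustration, not code from VMware, Cisco or RSA; the zone names, the `POLICY` table and the `decide` function are hypothetical, and the sample payloads are constructed.

```python
import re
from dataclasses import dataclass

# 13-19 digits, optionally separated by spaces or dashes; confirmed with Luhn below.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to cut false positives on arbitrary digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def content_hits(payload: str) -> set:
    """Return the content classes found in a cleartext payload."""
    hits = set()
    if any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD_RE.finditer(payload)):
        hits.add("card_number")
    if SSN_RE.search(payload):
        hits.add("ssn")
    return hits

@dataclass
class Flow:
    src_zone: str
    dst_zone: str
    dst_port: int
    payload: str
    encrypted: bool = False

# Hypothetical policy: zone pair -> allowed ports and content classes that may not cross.
POLICY = {("pci", "internet"): {"ports": {25, 443}, "block": {"card_number", "ssn"}}}

def decide(flow: Flow) -> str:
    rule = POLICY.get((flow.src_zone, flow.dst_zone))
    if rule is None or flow.dst_port not in rule["ports"]:
        return "deny:firewall"          # classic zone/port rule
    if flow.encrypted:
        return "allow:uninspected"      # passive inspection cannot read ciphertext
    hits = content_hits(flow.payload) & rule["block"]
    return "deny:content:" + ",".join(sorted(hits)) if hits else "allow"

if __name__ == "__main__":
    # Constructed sample: an outbound mail carrying a well-known test card number.
    print(decide(Flow("pci", "internet", 25, "Card: 4111 1111 1111 1111")))
```

Whether an uninspectable encrypted flow is allowed or denied is a policy choice; the sketch allows it and labels the verdict so the gap stays visible in logs.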
I previewed this idea (admittedly a kludgy prototype – but even that had the audience clapping!) – how an infrastructure based on virtualization could be MORE secure than a physical infrastructure – at VMworld Europe 2009 in the keynote (go back to Feb and take a look).
I love the fact that between Ionix and RSA, EMC is now so much more than a storage company (though also the leader in the storage category!). This example, among others, shows what we mean when we say “information infrastructure”.
So – what COOL stuff will I be launching (as in GA) or previewing (that will be 2010 deliverables) at the EMC keynote at the end of August at VMworld 2009???! :-)

Hello Chad,
OK, it's cool, but it only concerns clear traffic. So if the mail is sent via HTTPS or any other encrypted channel, the DLP shield wouldn't see anything. Except if the DLP acts like a MITM thing?
Posted by: NiTRo | July 10, 2009 at 07:35 PM
After spending time at a 'leak prevention' security start up years ago, this "mashup" shows interesting potential! Very cool...
Posted by: latoga | July 10, 2009 at 08:50 PM