This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ben_Collins
Explorer
‎2018-06-06 10:40 AM

CloudGuard in NSX for VDI host isolation?

Hey gang,

I have a project coming up in which I'll be tasked with isolating VDI hosts from each other, to prevent employees and vendors from being able to move east/west within the VDI networks.  I can't figure out if this is something that can be done.  Anyone know, or have suggestions?  I'd like to implement something better than just ACLs.

Thanks,
Ben

2 Replies
PhoneBoy
Admin
Admin
‎2018-06-06 03:19 PM

Sure, it can be done.

Even if you use a solution like CloudGuard, it will be in concert with the native security controls in VMware.

The native controls will handle basic segmentation duties (allow/drop of specific types of traffic).

CloudGuard (with or without NSX) can be used for deeper inspection. 

0 Kudos
Demith_Samaraw2
Contributor
‎2018-06-06 06:46 PM

As Dameon said within NSX Distributed Firewall handles the micro-segmentation and traffic between any VDI can be inspected by either NSX DF or a Check Point CloudGuard, it is done based on security tags and you can assign tags per VDIs, NSX DF is a basic L3-4 firewall where as CloudGurad can be used for deeper inspection and other L4-7 features

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events