Traditional security products, such as firewall appliances, often require that all network activity pass through a handful of fixed physical locations in order to be monitored. Virtualized applications, in contrast, can be migrated between physical hosts for higher resource efficiency and improved uptime. Until now, companies virtualizing security-sensitive applications faced the choice of either leveraging virtualization capabilities such as live migration for optimal load balancing and availability, or enforcing strict security compliance. To solve that dilemma, most customers ended up dividing their virtual environments into smaller, less efficient clusters for areas such as their Internet-facing demilitarized zones (DMZs) or consumer credit data processing systems subject to Payment Card Industry regulations. VMware vShield Zones will enable customers to create security zones within enterprises or in multi-tenant cloud infrastructures, where security policies are enforced even as virtual machines dynamically migrate between hardware devices. Deployed as a virtual appliance and integrated with VMware vCenter Server, VMware vShield Zones helps make it easy to centrally manage and enforce compliance with security policies across large pools of servers and virtual machines. Built-in auditing capabilities make compliance straightforward and verifiable.
VMware virtualization solutions have enabled companies to pool their computing resources and deliver IT as a dynamic, shared service, said Raghu Raghuram, vice president, server business unit, VMware. VMware vShield Zones enhances this architecture by enabling customers to segment and isolate their application traffic in a shared environment, thereby delivering new security benefits and making VMware Infrastructure a safe place to run business critical applications.