November 19, 2020
Hot on the heels of automated ISO 27001 audits added in Runecast Analyzer 4.6, announced just a week ago at our UPTIME 2020 virtual conference on November 11, we have now launched Runecast Analyzer version 4.7 as well, with added insights for NSX-T (a direct result of requests from Runecast customers in the telecoms, IT services, and government sectors).
“We take pride in the speed and agility of our development team to integrate our R&D roadmap with new feature requests from our customers,” said Runecast Co-Founder and CTO Aylin Sali.
Runecast Analyzer version 4.7 introduces automated audits against VMware’s Security Configuration Guide (SCG) for NSX-T, providing insights for Edge Nodes, Host Nodes, and Management Nodes, as well as new VMware Knowledge Base articles covering NSX-T.
In all cases, this means not only automated checks against the guidelines, but also remediation steps for IT admins to follow to proactively stabilize their environments.
Being one of their products, perhaps VMware explains it best (source):
VMware NSX-T™ Data Center (formerly NSX-T) provides an agile software-defined infrastructure to build cloud-native application environments.
NSX-T Data Center is focused on providing networking, security, automation, and operational simplicity for emerging application frameworks and architectures that have heterogeneous endpoint environments and technology stacks. NSX-T Data Center supports cloud-native applications, bare metal workloads, multi-hypervisor environments, public clouds, and multiple clouds.
NSX-T Data Center is designed for management, operation, and consumption by development organizations. NSX-T Data Center allows IT and development teams to select the technologies best suited for their applications.
NSX-T offers some advantages over NSX-V and physical network configuration. NSX-T enables admins to configure network connections across private/public/hybrid clouds, across data centers, and across technologies (e.g. Kubernetes, vSphere, KVM) – and is a key enabler for VMware’s Hybrid Cloud Extension (HCX) technology.
As with NSX-V, by defining connectivity within one data center (as opposed to using a mix between virtual and physical network configuration), one team can configure all networking and security, rather than multiple teams needing to work together to configure networking. It is thus less prone to error.
Furthermore, admins are provided simplified network management with the possibility to define NSX-T networking entirely on a virtual (VMware) level, with security guidelines as well. They can define firewall rules (also at the VMware level) to a more granular level (e.g. even between VMs, so not only between subnets). Finally, like Runecast Analyzer, NSX-T comes with a rich, RESTful API to enable automation of the networking and security stacks.
IT admins face a number of challenges, generally, including needing to troubleshoot complicated issues and find relevant solutions, staying current with patching, upgrade planning and resource constraints, security controls/audits and more (see our Top 10 Issues that VMware Admins Face). For NSX-T in particular, we see additional concerns over the risk of a network outage, tampering with firewall rules, or data theft by traffic mirroring.
With Runecast Analyzer 4.7, you can now easily avoid common threats in the above areas with the transparency and automated analysis provided also for NSX-T environments. Automatic fit-gap analysis against best practices and KB articles reveal any issues, including security vulnerabilities.
Runecast Analyzer helps to secure the NSX-T environment by enabling admins to configure the management plane securely, for example by making it transparent whether the admin needs to solve version conflicts or define password complexity or find left-open ports. Admins can assure that networks are configured correctly in terms of network isolation.
Additionally, Runecast flags NSX-T related vSphere KB issues that could cause a purple screen of death (PSOD) and provides admins with remediation steps.