In this multi-part series, the goal is to first familiarize you with the solution and then provide guidance on preparing to deploy Flow Network Security and help you learn the constructs that form your policy framework.
So, what is Flow Network Security? By now, you may have heard the name, read about it or had a conversation about it with a Nutanix employee. First off, and in most basic terms, Flow Network Security is built-in security for workloads that run on Nutanix AHV, our native hypervisor. Think of it more as a feature or solution rather than a separate “product”.
While AHV has been available for many years, one thing became obvious as customers were looking to have more security options in their Nutanix environment; we didn’t have a Nutanix-developed solution to provide network security.
Enter microsegmentation. Network virtualization got its beginning as a Stanford University research project that ultimately became a startup and commercial solution from Nicira, circa 2007. VMware acquired Nicira in 2012 and the solution became, as you may know, NSX, which offered software-defined networking and microsegmentation functionality. Since this time, other software companies have brought their own solutions to market.
Host: Andy Whiteside
Co-host: Harvey Green
Co-host: Philip Sellers
Co-host: Jirah Cox
In this multi-part series, the goal is to first familiarize you with the solution and then provide guidance on preparing to deploy Flow Network Security and help you learn the constructs that form your policy framework.
So, what is Flow Network Security? By now, you may have heard the name, read about it or had a conversation about it with a Nutanix employee. First off, and in most basic terms, Flow Network Security is built-in security for workloads that run on Nutanix AHV, our native hypervisor. Think of it more as a feature or solution rather than a separate “product”.
While AHV has been available for many years, one thing became obvious as customers were looking to have more security options in their Nutanix environment; we didn’t have a Nutanix-developed solution to provide network security.
Enter microsegmentation. Network virtualization got its beginning as a Stanford University research project that ultimately became a startup and commercial solution from Nicira, circa 2007. VMware acquired Nicira in 2012 and the solution became, as you may know, NSX, which offered software-defined networking and microsegmentation functionality. Since this time, other software companies have brought their own solutions to market.
Host: Andy Whiteside
Co-host: Harvey Green
Co-host: Philip Sellers
Co-host: Jirah Cox
WEBVTT
1
00:00:02.130 --> 00:00:11.970
Andy Whiteside: Hello, everyone! Welcome to episode. 64 of Newton's weekly. Every host, Andy White Side today is january, 20 third of 2,023. Hey? January is almost over.
2
00:00:12.190 --> 00:00:13.920
Harvey Green: Yeah, Think about it.
3
00:00:14.130 --> 00:00:20.419
Harvey Green: No pressure. What have we got done? Well, I don't know about you guys. Not a lot.
4
00:00:20.480 --> 00:00:30.850
Andy Whiteside: All right. The cast and crew on the screen. Here, with me is Harvey Green, President and CEO of integr Gov. Harvey was last year 2022, Was it?
5
00:00:30.960 --> 00:00:38.040
Andy Whiteside: Everything you dreamed it would be for Zen, Tiger, Gov. And more, which which is great
6
00:00:38.110 --> 00:00:40.370
Harvey Green: it it it was.
7
00:00:40.530 --> 00:00:46.690
Harvey Green: It was the best of the best and and the worst of the worst, all in one. This is the best you ever had.
8
00:00:46.740 --> 00:01:00.419
Harvey Green: That's right. Best year I ever had, and most of work I've ever had all up to the right from here, I would tell you it was going to get easier, but it gets it's still fun. I know better.
9
00:01:00.940 --> 00:01:19.890
Harvey Green: Yeah, good, you know. I don't know if I told you there was an end. But that end at the end you won't. I don't know. Maybe some day that should be I. I can at least say that I've I've accomplished something this month, and that's just listing out the things that I need to do.
10
00:01:20.230 --> 00:01:33.399
Andy Whiteside: So here's an example. I'm on the screen here. I've got my laptop over here with a little crappy camera. I don't even make eye contact with it very much. What am I to do for Christmas was to buy myself a new webcam.
11
00:01:33.630 --> 00:01:44.540
Andy Whiteside: Well stand where 2023, 23 january 20 third. I still don't have a webcam for my office. Set up a listing. It is still accomplishing something, you know.
12
00:01:44.770 --> 00:01:48.579
Andy Whiteside: Well, our other crew members, Philip Sellers. Philip, how's it going
13
00:01:48.670 --> 00:01:54.449
Andy Whiteside: good. How are you?
14
00:01:54.590 --> 00:02:12.249
Andy Whiteside: 8 months or 8 days, I remember, which one, almost 3 months, almost 3 months, all right, and part of that journey for you is to learn the new tanks world, which I know you were excited about coming into you, and probably ask you this last time Highlight, so far, of becoming a newutanic subject matter expert.
15
00:02:13.140 --> 00:02:30.469
Philip Sellers: you know. There's a lot more here than I gave them credit for early on, like. I think a lot of people in the industry. You may not realize, and you may be very pleasantly surprised how much growth there's been in the new tenx platform. What capabilities are there.
16
00:02:30.740 --> 00:02:39.370
Philip Sellers: and differentiation that that exists and other other solutions. Well, one of the things we're gonna talk about flow here in a few minutes. But automation
17
00:02:39.480 --> 00:02:43.919
Andy Whiteside: as a part of the platform. And you said, platform, I said, platform
18
00:02:43.980 --> 00:02:49.979
Andy Whiteside: it's platform, and that's really how you need to look at if you're going to try to do the most out of it. We all screen platform.
19
00:02:50.340 --> 00:02:54.400
Andy Whiteside: all screen platform. You can. Gyros gonna have a t-shirt.
20
00:02:54.730 --> 00:02:56.330
Philip Sellers: But we also
21
00:02:57.000 --> 00:03:08.320
Andy Whiteside: So Jyra Cox is really us. Gyra is our newutanic subject matter expert, gracious enough to join us for these podcasts. I asked him one time what part of his job this was, and he said, is not. I just like you guys, I was like, oh.
22
00:03:08.720 --> 00:03:26.809
Harvey Green: okay, not to be the downer here, but 2,023 is already 6 and a half percent over, so no pressure single digits. Tell me what it's Double digits. Are we done making our less than getting on to stuff now.
23
00:03:27.050 --> 00:03:28.390
Andy Whiteside: Oh, man.
24
00:03:29.000 --> 00:03:33.510
Harvey Green: I think it's where she was, so
25
00:03:34.530 --> 00:03:38.840
Andy Whiteside: I think it's pretty much a given every year, though, that January just kind of go flying by, and
26
00:03:39.250 --> 00:03:47.819
Andy Whiteside: I mean the kids. My kids are out of school my 8 days in January, I remember I used to couldn't get a day off after Christmas and their home every day.
27
00:03:48.510 --> 00:03:51.860
Harvey Green: Wait, you can now.
28
00:03:52.360 --> 00:03:58.220
Jirah Cox: No, he pulls up his inbox for December 20, sixth.
29
00:03:59.610 --> 00:04:05.920
Andy Whiteside: Well, I do. You know it's easy when you love what you do. I don't know if that makes it go by fast, but it definitely makes it go by fast.
30
00:04:06.040 --> 00:04:07.780
Harvey Green: Yes, almost too fast.
31
00:04:07.900 --> 00:04:08.830
Yes.
32
00:04:09.330 --> 00:04:15.640
Andy Whiteside: Well, guys, Today we agreed to talk about automation, because that's my favorite topic.
33
00:04:18.310 --> 00:04:28.429
Andy Whiteside: and it Look, this is my second podcast today where we talk about automation, and the first one was in service. Now we talked about, you know, integrating Newton, and flow as part of that one as well.
34
00:04:29.530 --> 00:04:31.160
Andy Whiteside: You know automating
35
00:04:31.890 --> 00:04:34.369
Andy Whiteside: good processes is a no-brainer.
36
00:04:34.510 --> 00:04:40.710
Andy Whiteside: and one of the things I love about the service. Now platform. It gets us a chance to kind of make those processes efficient, and then automate them
37
00:04:40.800 --> 00:04:43.710
Andy Whiteside: in conjunction with integrations from things like flow.
38
00:04:44.060 --> 00:04:45.210
So i'm.
39
00:04:45.280 --> 00:04:46.640
Andy Whiteside: I'm softening.
40
00:04:51.080 --> 00:04:56.779
Andy Whiteside: So this this blog is from October 20 eighth.
41
00:04:57.210 --> 00:05:01.969
Andy Whiteside: It is Newtonics flow security best practices part one.
42
00:05:02.040 --> 00:05:05.129
Andy Whiteside: What is flow, network, security. So
43
00:05:05.470 --> 00:05:09.440
Andy Whiteside: I guess everything in it these days consumer
44
00:05:09.620 --> 00:05:13.799
Andy Whiteside: enterprise. It all needs a security, I to it.
45
00:05:13.910 --> 00:05:18.639
Andy Whiteside: and automation is, of course, something that's important that we
46
00:05:18.980 --> 00:05:23.449
Andy Whiteside: try to make sure we don't leave wide open, and we do recommended practices.
47
00:05:23.640 --> 00:05:24.590
Andy Whiteside: So we're not.
48
00:05:24.610 --> 00:05:29.289
Andy Whiteside: We are so vulnerable or unable to answer those challenging questions when they come?
49
00:05:29.410 --> 00:05:34.540
Andy Whiteside: You know, Did you not do this for that, gyro you you brought us this blog.
50
00:05:34.830 --> 00:05:37.219
Andy Whiteside: Why is why is it important?
51
00:05:37.800 --> 00:05:51.029
Jirah Cox: I can think of 2 2 examples that I've come across recently. One was this: this morning I was on a on a forum that someone was posting about. Hey, my! My sea level and my vps come to us by it, team, and said, hey.
52
00:05:51.240 --> 00:06:03.409
Jirah Cox: you know the business, and will start quantifying your value, which is kind of terrifying right as a question. But it's like Well, part of that would be well. How do you quantify the value of no successful rent, and we're infections right?
53
00:06:03.550 --> 00:06:06.960
Jirah Cox: You know what it will prove prove the negative there.
54
00:06:07.050 --> 00:06:14.580
Jirah Cox: But but even then the other one, the the even even more terrifying one. Both are terrifying, equally terrifying in different ways.
55
00:06:15.960 --> 00:06:18.489
Jirah Cox: Bunch of headlines going around recently right around
56
00:06:18.730 --> 00:06:19.960
Jirah Cox: a lot of
57
00:06:20.130 --> 00:06:26.189
Jirah Cox: insurance companies that are pondering, let's say, getting out of the game of writing or underwriting.
58
00:06:26.300 --> 00:06:36.139
Jirah Cox: ransomware, insurance or cyber security insurance, right? Because it's just not working out for them economically right. The tax are getting more frequent, more successful.
59
00:06:36.290 --> 00:06:40.440
Jirah Cox: bigger, with more penalties or bigger ransoms
60
00:06:40.580 --> 00:06:42.679
Jirah Cox: to recover.
61
00:06:42.800 --> 00:06:49.759
Jirah Cox: so that I I think that that is the more terrifying thought of those 2 right like what if there was no plan? B,
62
00:06:50.340 --> 00:06:51.990
Jirah Cox: you know, and the man? It became
63
00:06:52.100 --> 00:07:02.030
Jirah Cox: be more successful, more of the time at inhibiting more preventing ransom or infections in the environment. Right now we're covering from them just from back up to from snapshots when they occur.
64
00:07:02.980 --> 00:07:16.329
Jirah Cox: Yeah, I got a question how long you're gonna let me go on talking about column as if we were talking about. You know I know a part of the stick of the podcast, where our charm is like the No edit model.
65
00:07:16.470 --> 00:07:23.859
Jirah Cox: It's been a long day we one take that's that's what we do all right. Well, if you don't believe it's one. Take you down, hey? Today we're going to talk about flow.
66
00:07:24.140 --> 00:07:41.720
Jirah Cox: I think we could all agree the best kind of security models are automated right? So there's there's some cross-pollination there. I appreciate you cleaning that one up. Yeah, man operation. Human powered operations have variance, and we don't like that insecurity.
67
00:07:41.730 --> 00:07:44.400
Jirah Cox: All right. Well, I hate automation, but I love networks
68
00:07:48.170 --> 00:07:52.910
Jirah Cox: security. I arguably good automation.
69
00:07:53.730 --> 00:07:55.579
Andy Whiteside: All right
70
00:07:55.970 --> 00:08:05.540
Andy Whiteside: also, Harvey and Philip, would you agree that understanding how to micro segment and security network is something that everybody should have a handle on before they just start setting up crap
71
00:08:06.340 --> 00:08:16.669
Harvey Green: only if they want to contain certain things in certain areas. If they just want everything running around all willingly, then they probably don't want this.
72
00:08:16.680 --> 00:08:34.489
Philip Sellers: I would argue that most of them probably have everything running around Willie Millie today. I mean. I would argue that too. But it is it what they want that that desired desired outcome. Versus
73
00:08:34.570 --> 00:08:43.930
Andy Whiteside: is that because they inherited layer, 2 networks or somebody who had a great idea that's no longer a great idea, implemented a layer 3 and maybe 4 network.
74
00:08:45.360 --> 00:08:52.640
Harvey Green: I mean, I guess my quick answer to that is, I would say, because it used to be super hard.
75
00:08:53.020 --> 00:08:57.979
Harvey Green: It was, you know, there there was
76
00:08:58.450 --> 00:09:05.329
Harvey Green: not only the piece of you have to think about what you want to move from one
77
00:09:05.470 --> 00:09:07.720
Harvey Green: container to another container.
78
00:09:07.990 --> 00:09:13.039
or one zone to another zone, depending on what you call it, within your network. But
79
00:09:13.340 --> 00:09:23.080
Harvey Green: you know you have traffic that has to move from one place to the other. You have to allow for that traffic to move for one place to the other, and then you have to stop the other stuff from happening, so
80
00:09:23.400 --> 00:09:31.980
Harvey Green: that that on its head sounds pretty easy. I know I want this to to that place. I know I want this to go that place. I want this thing not to make it either place.
81
00:09:32.040 --> 00:09:32.960
Harvey Green: That's great.
82
00:09:33.130 --> 00:09:35.930
Harvey Green: But then, what does that mean for your applications?
83
00:09:36.170 --> 00:09:44.130
Harvey Green: And you know, if you are running an application, or you have a user running an application, and they're walled off from the server they need to get to
84
00:09:44.170 --> 00:09:47.520
Harvey Green: in order for that application to function that becomes
85
00:09:47.680 --> 00:09:51.270
Harvey Green: a very big issue for you.
86
00:09:51.320 --> 00:09:55.120
Philip Sellers: and I agree with Harvey. It used to be much harder.
87
00:09:55.220 --> 00:09:57.099
Philip Sellers: It is easier today.
88
00:09:57.360 --> 00:10:07.330
Philip Sellers: but it's still easier further, just to keep things wide open. You know there's no configuration. There's no anything in the middle of things.
89
00:10:07.450 --> 00:10:22.519
Philip Sellers: And it's hard to fight. 2530 years of prevailing wisdom that you harden the outside of your network and the insides. Okay. And I think a lot of people still think that way today
90
00:10:22.640 --> 00:10:28.100
Philip Sellers: that it's okay to just worry about securing your perimeter
91
00:10:28.180 --> 00:10:37.889
Jirah Cox: and not worry about what's going on in the network
92
00:10:37.990 --> 00:10:48.340
Andy Whiteside: I was waiting on, and that was the application. So okay, there's layer 2 networks from back in the day, you know my links to switch to here my desk, my dome, dumb switch.
93
00:10:48.470 --> 00:11:02.020
Andy Whiteside: and then there became a micro segmentation of data flow, you know ones and zeros. And then it became, hey, what is the application doing? Who needs access to it? What's the app supposed to be doing, it became application centric.
94
00:11:02.200 --> 00:11:08.210
Andy Whiteside: which to some degree made it even more complex for network guys who may not have been told what
95
00:11:08.310 --> 00:11:10.809
Andy Whiteside: what the app was up to correctly.
96
00:11:12.050 --> 00:11:12.800
Yeah.
97
00:11:13.150 --> 00:11:14.200
Jirah Cox: yeah, I mean
98
00:11:14.390 --> 00:11:20.889
Jirah Cox: to agree with Philip right like past 20 or 30 years is primarily just been about increasing network performance, and
99
00:11:20.910 --> 00:11:26.070
Jirah Cox: maybe making it denser, right? But fundamentally same Nicks same switches that we kind of use back then.
100
00:11:27.960 --> 00:11:41.520
Jirah Cox: you know. And so, being in the business of sort of being like. Wait slow down. Let's secure stuff. Let's make it harder to get to either was like physically expensive. You were talking like a siloed design, or this app is buying a firewall. But but the rest of my my vms are not
101
00:11:44.440 --> 00:11:48.410
Jirah Cox: yeah or or you're getting massively more complex in your your network design.
102
00:11:48.790 --> 00:11:54.079
Philip Sellers: Well, and I've I've been through a number of different exercises with, you know.
103
00:11:54.220 --> 00:11:58.550
Philip Sellers: is these, you know, independent software vendors. They brought in their product
104
00:11:59.660 --> 00:12:02.120
Philip Sellers: worked in a fairly secure
105
00:12:02.690 --> 00:12:14.809
Philip Sellers: environment, and they can't articulate what it actually takes for their application to communicate, what ports, and what traversal, and what talks to what? So
106
00:12:15.110 --> 00:12:29.499
Philip Sellers: you know a. As as a operations person. If If your expert can't help you map those things out, it becomes a very stressful and difficult process to implement those rules as well.
107
00:12:29.880 --> 00:12:30.910
Harvey Green: Yes.
108
00:12:31.080 --> 00:12:32.170
absolutely
109
00:12:33.030 --> 00:12:33.830
cool.
110
00:12:34.350 --> 00:12:40.629
Andy Whiteside: Going back to the okay. So one thing I want to say, and i'm hard to come out of you. But you know, when it came to network changes back in the old days
111
00:12:41.130 --> 00:12:45.290
Andy Whiteside: i'm back in the old days like when I was this, and then some broke
112
00:12:45.600 --> 00:12:56.049
Andy Whiteside: the network guy and the application. Guy started pointing fingers at each other, and it was my job as one of those, but also in a leadership role in the organization. Okay, Who changed? What? Because it used to work?
113
00:12:56.190 --> 00:12:57.410
Andy Whiteside: No, it doesn't work.
114
00:12:57.880 --> 00:12:59.320
Andy Whiteside: Something changed.
115
00:12:59.530 --> 00:13:03.329
Andy Whiteside: and more often than not. It was nobody really want to take the blame
116
00:13:03.970 --> 00:13:17.980
Andy Whiteside: one of my favorite stories to tell in that regard as I went in, and I I was like crap. I don't get it. I start touching the you know the ports on the right, on the on the switch, or maybe it was on the patch panel, whatever, and I touched when i'm gonna heard click. I was like, oh, and then boom! Everything started working here.
117
00:13:23.770 --> 00:13:26.150
Andy Whiteside: Harvey, you're gonna say something. I interrupt you.
118
00:13:26.280 --> 00:13:39.339
Harvey Green: Oh, I don't remember. Now you go ahead all right. So i'm in this one paragraph. Here i'm highlighting on screen before flow network Security was Da network customer.
119
00:13:39.350 --> 00:13:57.019
Andy Whiteside: But you know micro segmentation had to rely on third parties. It was complicated. It was a lot to, you know. Bring in a whole. Another set of technologies. It wasn't integrated now. So you know what is now. We've got it built into a. Hv. In the Acropolis world, and then, so how easy is it? I haven't had a chance to do it.
120
00:13:57.030 --> 00:14:00.089
Andy Whiteside: Is it? Is it? How how simple have you guys made it jar?
121
00:14:00.650 --> 00:14:11.000
Jirah Cox: It's a it's crazy, simple. It's actually pre installed right. It's actually on every running. H. We hypervisor instance. So there's nothing to install, nothing to deploy. You simply turn on the control plane
122
00:14:11.060 --> 00:14:12.620
Jirah Cox: lives inside Prison central.
123
00:14:12.660 --> 00:14:21.879
Jirah Cox: and that's it. So one check box. And then after that you're just right in the business of writing policies. Of what do you want to control and allow, or disallow, or
124
00:14:22.550 --> 00:14:25.050
Jirah Cox: or monitor? So so
125
00:14:25.140 --> 00:14:32.500
Jirah Cox: to to even more simply put that it's like putting a firewall in front of every single virtual machine. Nick. Right? So
126
00:14:32.660 --> 00:14:49.430
Harvey Green: it's there to start giving instructions. I'll i'll second, that you know this is one of those things that when somebody tells, or when somebody told me how easy it was, and that, like Driver said, it's just a check box, and then you're going and writing policies.
127
00:14:49.750 --> 00:14:52.310
Harvey Green: It's one of those moments where I go. All right.
128
00:14:52.670 --> 00:14:54.669
Harvey Green: That sounds too good to be true.
129
00:14:54.770 --> 00:14:55.649
Harvey Green: Prove it.
130
00:14:55.990 --> 00:15:07.160
Harvey Green: and so I had. You know, my first time implementing it. I had somebody right next to me, saying, okay, go here, go here, click the check box. I click the check box.
131
00:15:07.370 --> 00:15:20.149
Harvey Green: and everything else was literally like I said, it's just writing policy. This this set of traffic can go here. This set of traffic can go here that can't go anywhere outside of its own little box, and it was like.
132
00:15:20.590 --> 00:15:24.769
Harvey Green: Okay, it's not supposed to be this simple.
133
00:15:25.390 --> 00:15:33.939
Harvey Green: but I mean they have they. They've got a very nice gui. They got a very nice set up there, where you can actually
134
00:15:34.300 --> 00:15:39.380
Harvey Green: see and visualize what's happening, and what you're putting into place, and that makes it
135
00:15:40.200 --> 00:15:58.190
Harvey Green: extremely easy. And, Harvey, when you check that box, did it turn off all communication? Did it Just start monitoring communication and start suggesting stuff. What did you do? Well, you You've got options there, so you you can have it. Start as soon as you want it to start.
136
00:15:58.560 --> 00:16:04.959
Harvey Green: and then you just have everything blocked, and you figure your way back to where everything works
137
00:16:05.190 --> 00:16:07.450
Harvey Green: or you can watch.
138
00:16:07.500 --> 00:16:22.860
Jirah Cox: Yeah, there, there's well, yeah, there's no risk of. There's no way to turn it on, and all of a sudden lose all traffic. Right? So but yeah, you're enabling the the the control plane right? And then you could certainly create a policy to say totally like, you know, stop everything, and only only allow what I white list.
139
00:16:22.960 --> 00:16:26.810
Jirah Cox: But you you would do that pretty intentionally. But
140
00:16:27.850 --> 00:16:37.960
Jirah Cox: but yeah, actually, I think Phil actually was touching on the the sort of the the Roman value proper, because if you listen to this and you go Well, great. I can make policies, but I don't know what policies to make.
141
00:16:37.970 --> 00:16:56.509
Jirah Cox: Then what you can do from minute, one right with flow is, let's start telling you what it what it observes right? What traffic actually already is flowing, which involves a certain amount of trust around, like steady state and current state like is this: is this secure? Or is there like an ongoing infection? Right? And you would need to kind of understand that a little bit.
142
00:16:56.760 --> 00:17:19.060
Jirah Cox: But you know, if you look at it and say that server shouldn't be talking about server at all, well surprise it is great. We already we're already proving our value. There, go, stop it. But it heard it looks, you know, pretty healthy, and you can see, like, okay, yeah, these database servers talk to these, you know, app to your servers, and then communicate with these web-share servers or load balancers that's all pretty normal. Well great. Now we've already fingerprinted all of the traffic there.
143
00:17:19.490 --> 00:17:24.889
Jirah Cox: So then, then you can start saying what's currently flowing. That's considered my
144
00:17:24.950 --> 00:17:33.590
Jirah Cox: my allowed state, and then and then new stuff. Beyond that you can say. I want to get worded when other things try to communicate, just allow them
145
00:17:34.730 --> 00:17:36.600
Jirah Cox: and build policies based off of that.
146
00:17:37.890 --> 00:17:56.930
Andy Whiteside: So I think you can go back to your isps and say, hey, I found out what ports your your application needs, and we only allow those now and and as you move to Isvs and Clouds. Well, in this case, Isvs, or maybe clouds, you have clouds to. It becomes more and more important to be able to control this traffic flow.
147
00:17:57.610 --> 00:18:10.740
Andy Whiteside: Because now you're in shared environments. Yeah, all right. So I think we've answered this. But let's make sure. So what does micro segmentation do or solve. For as opposed to network segmentation that we all grew up on.
148
00:18:12.530 --> 00:18:22.580
Jirah Cox: So this is security without need to change your network design and all right. So this works on the network you already have and already are. If you're listening to this, probably running the tenx on or thinking about.
149
00:18:22.640 --> 00:18:33.369
Jirah Cox: so no need to react to your vms. No need for more Vlans. The need for more routers, switches, hairpinning traffic, any of that stuff right? Like the Vms you have today
150
00:18:33.400 --> 00:18:35.000
Jirah Cox: on the network you have. The day
151
00:18:35.100 --> 00:18:37.319
Jirah Cox: can just gain more security right in place.
152
00:18:37.660 --> 00:18:40.130
Jirah Cox: game, but game, better security posture right where they are.
153
00:18:43.640 --> 00:18:44.450
Andy Whiteside: and
154
00:18:45.000 --> 00:18:51.970
Andy Whiteside: that is very application, friendly versus network segmentation which the app was just along for the ride.
155
00:18:53.270 --> 00:18:57.149
Jirah Cox: Sure, yeah, If you were taking a network segmentation approach right, you'd be doing
156
00:18:57.200 --> 00:19:06.479
Jirah Cox: a ton of reacting. A lot of Dns updates probably get lots of calls from users around the application connectivity that probably none of us want you to be getting
157
00:19:06.690 --> 00:19:07.390
Yeah.
158
00:19:08.940 --> 00:19:15.339
Andy Whiteside: all right. So in the next section of the blog it's got a a bunch of work, a bunch of flow process flow.
159
00:19:16.040 --> 00:19:17.670
Andy Whiteside: How do we
160
00:19:17.690 --> 00:19:20.660
Andy Whiteside: cover this in such a way that makes sense to a listener?
161
00:19:22.130 --> 00:19:37.720
Jirah Cox: Yeah, if you want to look at a flow chart of how flow evaluates traffic policies check out this blog which we Haven't said, yet actually is on our intacts dev blog. So in Connecticut dev is our super technical blog really good stuff on there, so there's a whole flowchart of the
162
00:19:37.730 --> 00:19:55.139
Harvey Green: flow engine. How it evaluates policies that you can go check out with when you're not driving, or next time you're at your computer. How's that? Good? Yeah, I think that was good. Good job. The the main thing to take away is it's easy to understand what it's doing to
163
00:19:55.260 --> 00:20:00.909
Andy Whiteside: understand, to to to manage the process, and it's clearly defined.
164
00:20:01.010 --> 00:20:03.840
Andy Whiteside: And you can. You can really get specific
165
00:20:03.880 --> 00:20:17.650
Jirah Cox: about what you want to happen. And what part of the process is that figure? Yeah. So I mean, it's a layer for firewall. Right? So you can always talk about source and destination. IP. Addresses, or source and destination subnets or network masks.
166
00:20:17.710 --> 00:20:31.970
Jirah Cox: protocols, and ports. Right? So any kind of a rule you can write with those kind of verbs that's what flow can evaluate natively and in fortune deny you could even bolster this by adding
167
00:20:32.040 --> 00:20:45.119
Jirah Cox: third party firewalls like adding Apollo in there to say, you know, do web session control as well redirect to partner appliances, but out of the box it's layer 4. So that's the the mechanism that works at the engine that everybody always rolls in.
168
00:20:45.180 --> 00:20:45.810
Yeah.
169
00:20:46.010 --> 00:20:57.790
Andy Whiteside: Okay. So the next section of the blogs is what's what are the benefits of micro segmentation with flow network security. First one is gain visibility. I think it goes back to my question to Harvey August. What happens when you turn it on
170
00:20:57.880 --> 00:20:59.150
Andy Whiteside: at the release
171
00:20:59.210 --> 00:21:01.960
Andy Whiteside: you get a nice roll up of what's happening, right?
172
00:21:02.460 --> 00:21:18.079
Harvey Green: Yeah. So on on this piece of the blog, for those who can see it are are going to the link to look at it. You'll you'll see kind of illustrations of what they pulled out of the Gui when when it was in monitor mode.
173
00:21:18.300 --> 00:21:24.220
Harvey Green: and so at a very basic level for those who can't see it at the top. It tells you what you've configured.
174
00:21:24.590 --> 00:21:28.200
Harvey Green: and at the bottom it tells you what you what it's discovered for you.
175
00:21:28.520 --> 00:21:45.169
Harvey Green: And at that point you know again, you can kind of make smarter decisions, so that to Andy's point you Don't, block everything from going everywhere. You can already see what it has discovered for you, and then choose to allow or deny that traffic appropriately.
176
00:21:45.400 --> 00:21:46.060
Andy Whiteside: right
177
00:21:47.140 --> 00:21:51.520
Andy Whiteside: being in for a gi. Joe, right knowing is half the battle.
178
00:21:51.720 --> 00:22:05.000
Andy Whiteside: Yes, a real American hero, real Internet Cloud Hero. Okay, Gyro, fill up any additional comments to just the visibility piece.
179
00:22:05.770 --> 00:22:18.600
Jirah Cox: Just that. It's a a super common pain point. If you're in that category like Phil mentioned around like, I have no idea what my apps are, because my application owners don't know what their apps require, hey? This this directly addresses that really easily.
180
00:22:18.700 --> 00:22:26.319
Philip Sellers: Well, and not just. Maybe your application vendors. But maybe you're in house developers. I mean, we we don't necessarily pay developers to
181
00:22:26.350 --> 00:22:35.920
Philip Sellers: map out everything that they're talking to and stuff or or know those things. They're consuming services, and they may not provide you with a
182
00:22:36.360 --> 00:22:44.820
Philip Sellers: a treasure map when they hand over the application to the operations team. So it's a great way of seeing what's going on in your in house apps as well.
183
00:22:46.820 --> 00:22:48.479
Philip Sellers: I mean.
184
00:22:48.550 --> 00:22:53.359
Philip Sellers: my wife works in a in an environment where they're trying to
185
00:22:54.230 --> 00:22:57.719
Philip Sellers: to change and track certain things, you know. If you don't
186
00:22:58.190 --> 00:23:06.809
Philip Sellers: measure it, you you can't improve it. And so visibility is huge, right? I mean making things visible is the first step.
187
00:23:07.060 --> 00:23:08.060
Harvey Green: Yeah, yes.
188
00:23:08.280 --> 00:23:17.939
Harvey Green: yeah, that's that's my list for 2,023. I have to make it visible before I can go do the rest of the stuff. There you go. There you go.
189
00:23:18.980 --> 00:23:37.669
Andy Whiteside: all right. Next section says secure Ew: traffic. I know what that means drives me nuts. The tech guys use acronyms. I've never seen that one before, but I know what it means. Zyra, what does this mean? So so this is East West, meaning traffic sort of left to right on a switch right not going up and down to a upstream or downstream. Router
190
00:23:37.690 --> 00:23:53.819
Jirah Cox: to your question before Eddie right around like, Why wouldn't I just do network segmentation right to the implement security? Partly because network information doesn't really help you with East West traffic, right? So like. So like a couple of examples would be 2 things on the same switch, right or even 2 vms on the same hypervisor.
191
00:23:53.980 --> 00:24:06.070
Jirah Cox: Normally, nothing really impedes that traffic. If you're on the same hypervisor instance, nothing even hits the switches to see that right? So then you would need like in guest agents which you know we don't really do for for flow don't need for flow.
192
00:24:06.560 --> 00:24:14.899
Jirah Cox: But since we're operating at the V Nick level right then even Vm. To Vm. On the same hypervisor that private can be seen controlled. You can apply policies to it.
193
00:24:17.550 --> 00:24:19.620
Andy Whiteside: Philip. You're
194
00:24:19.760 --> 00:24:21.290
Andy Whiteside: data Center guy
195
00:24:21.570 --> 00:24:24.399
Andy Whiteside: East West traffic matters. You has for a long time. Right
196
00:24:25.100 --> 00:24:44.409
Philip Sellers: it does. But this is back to the old old school, you know. Thing I mean, this is kind of your candy bar, and we cared about the nice chocolate outside, but not the Ui Gui nugget center of the key part. You know
197
00:24:44.480 --> 00:24:46.529
Philip Sellers: the this is where
198
00:24:46.560 --> 00:24:56.030
Philip Sellers: we're being leveraged. I mean frankly, that's where the bad guys are going after our networks at this point, and that's why this matters most.
199
00:24:56.190 --> 00:25:06.269
Philip Sellers: You know ransomware is coming in on an endpoint, and when the endpoint is able to talk unobstructed to the virtual machines sitting here in Newtownx.
200
00:25:06.430 --> 00:25:12.860
Jirah Cox: it's going to be a bad day for your organization
201
00:25:12.890 --> 00:25:15.229
Jirah Cox: if if i'm a if i'm a R. Somewhere attacker.
202
00:25:15.410 --> 00:25:21.949
Jirah Cox: if you have whatever let's say, 500 desktops, the odds that I landed on the one that has the user session with the best credentials
203
00:25:22.230 --> 00:25:30.080
Jirah Cox: astronomically low, right? So i'm going to try to go, move east, west, right, move horizontally in the environment. Get to other desktop other sessions.
204
00:25:30.130 --> 00:25:50.079
Jirah Cox: See what I can get to from there. So that's where all the that we say East West Co: Just a topologically kind of traffic movement looks like, and North South that would be in ingress and egress out of your network. And i'm assuming what we're saying here is that most people have improved since the nineties and those routers aren't wide open anymore.
205
00:25:50.820 --> 00:25:52.460
Jirah Cox: I think it's more like.
206
00:25:52.530 --> 00:26:03.140
Jirah Cox: less and less traffic has to do in North South Traversal right. More things happen east-west without such a router right going from desktop to desktop desktop to demand controller fewer things.
207
00:26:03.180 --> 00:26:22.569
Jirah Cox: You know think it 20 years ago, right to go from Web Server to Davis, where you might go across 5 cabinets, and you know 2 switches and a router in the middle. And and now again that density, right, and performance comes in from virtualization. Fewer and fewer things have to cross that core or touch a router or point of routing, even
208
00:26:22.700 --> 00:26:30.469
Jirah Cox: to get what they need to get to so East West, where it all happens these days. Therefore you need more control over that kind of flow or flow pattern.
209
00:26:30.690 --> 00:26:49.499
Harvey Green: and I think that ties into the next one. Harvard, you want to take it first limit ran somewhere. That's that's where the bad stuff is coming today. Yeah, absolutely. I mean, at at this point, to to what Gyro is just speaking about. You know the the attacker is the malware, the whatever is not going to come in
210
00:26:49.530 --> 00:27:05.659
Harvey Green: highway of a domain, admin or somebody, you know, who has credentials that will take it all the places it wants to go across the network. So you know, the the code is now set to basically just start
211
00:27:05.770 --> 00:27:07.890
Harvey Green: touching everything that they can touch.
212
00:27:08.070 --> 00:27:20.310
Harvey Green: And if you use micro segmentation to stop it from being able to go anywhere outside of a a certain container, it can only affect within that container
213
00:27:20.640 --> 00:27:27.359
Harvey Green: and the the smaller you make that the more secure you'll be from from that standpoint.
214
00:27:28.110 --> 00:27:32.999
Harvey Green: Go and do it for every single workstation but you could.
215
00:27:33.300 --> 00:27:39.209
Jirah Cox: There's a whole school of thought right how this evolves into like 0 trust networking where basically to to short circuit that
216
00:27:39.360 --> 00:27:53.129
Jirah Cox: just because i'm in network doesn't mean, I want to trust it right or the opposite right in this case, if it's like something that the end user does work on, I actually I actually actively. Don't want to trust it right? That's almost as untrusted as like the wide open Internet.
217
00:27:53.430 --> 00:27:57.820
Jirah Cox: But I have to run a virtual desktop, an Ec. Environment that I deliver and control
218
00:27:58.290 --> 00:28:03.809
Jirah Cox: from my network. So how I keep it on my network, and yet not trust it, and yet maintain full control over it
219
00:28:03.840 --> 00:28:09.719
Jirah Cox: and and flows. I'm going to do that. I think this article might not even go deep into it. But to give that quick sidebar
220
00:28:09.930 --> 00:28:13.859
Jirah Cox: with flow, we can even change what the firewall rules are on that Vm.
221
00:28:14.060 --> 00:28:31.270
Jirah Cox: Based on who logged into it right? So it's a contractor. If it's a vendor, they get nothing, maybe like the one copy, or they want to go touch and Internet access. And when one of us logs in as an admin, we get other internal systems that we can can go, see and touch or get to a jump box that that the vendor couldn't have gotten to. So
222
00:28:31.280 --> 00:28:44.050
Jirah Cox: yeah, so 0 trust. And how do I restrict access? You know not. Let them have wide open access to my network. Maintain that control. You know this is a a an easy way to get really really far down that road. Real fast.
223
00:28:44.080 --> 00:28:50.580
Harvey Green: right? Yeah, that's absolutely it. It's very, very customizable. You You've got the ability to kind of see
224
00:28:50.870 --> 00:29:06.760
Harvey Green: as you're putting in these types of policies, you got the ability to see what you're doing, so that you know, so that hopefully you don't make mistakes, but at least, if you do, you'll be able to kind of visualize and see those mistakes
225
00:29:06.960 --> 00:29:09.520
Harvey Green: to help you through that piece of it as well.
226
00:29:09.680 --> 00:29:10.340
Andy Whiteside: Right
227
00:29:11.030 --> 00:29:17.819
Andy Whiteside: Next one talks about the less reliance on next generation firewalls. Is that because we don't have to talk to those network admins anymore?
228
00:29:18.230 --> 00:29:26.900
Jirah Cox: No, we love our network admins right like they're key to everything we do without that. Everything stops pretty fast.
229
00:29:27.140 --> 00:29:36.790
Jirah Cox: but but some of the most tool, the tools that the most deepest inspection help capabilities right like a layer. 7
230
00:29:36.990 --> 00:29:38.959
Jirah Cox: inspecting firewall, or like a
231
00:29:39.340 --> 00:29:54.169
Jirah Cox: are the most expensive right, and have the have the sort of least throughput compared to like every switch port and the data center added together. So we want to use them for the right workload right? So if we needed to do like web session inspection. I want to only pass that kind of traffic through that.
232
00:29:54.190 --> 00:30:01.110
Jirah Cox: and not make it look at. Maybe all my 80 queries, or my backups or other like nonsense traffic to or for my virtual machine.
233
00:30:01.200 --> 00:30:19.069
Jirah Cox: so that ability to it's not less reliance. It's more like a more targeted use case of like, use them for what they're really really good at what I need them to do. But it, but, you know, use a more scalable and native solution. Like I still get in the firewall, They'll excuse me, build a hypervisor to do my broad
234
00:30:19.490 --> 00:30:22.150
layer for firewalling. All my vms.
235
00:30:22.300 --> 00:30:40.140
Andy Whiteside: Right. Yeah, that was just a joke, all right. Oh, no, you're fine, so it's more like a scarce resource kind of a proposition. Well, I love the way you answered it, and it could be. And I don't think you said it this way. But there's those technology devices we want to use those what they're good for. We also want to take that the time that
236
00:30:40.150 --> 00:30:50.139
Andy Whiteside: those network admins let them go do what they're good at, not, you know, and let us as the application owners virtual machine owners add a layer of network security that we control.
237
00:30:50.500 --> 00:30:51.150
Jirah Cox: Sure.
238
00:30:51.500 --> 00:31:02.420
Jirah Cox: Well, and we can tie this back to how we kinda started like with automation once. I have all of my policies set up for like this is how I secure
239
00:31:02.430 --> 00:31:12.129
Jirah Cox: Active directory, joined database servers. This is how I secure my Linux public web servers all these various policies that I can just create once, and then use repeatably
240
00:31:12.270 --> 00:31:31.609
Jirah Cox: the act of applying that security policy to a new Vm. Is trivial, right? It's like literally like a flag in my automation run, or my Api call, or my service. Now, Job, execution to say, Yes, I want a Vm. With these many V cpus and memory and storage, and this guy over here is the owner. But this team can access it. And I want this backup policy.
241
00:31:31.620 --> 00:31:41.889
Jirah Cox: Oh, and by the way, it gets this flow network policy, and from the minute that that Vm. Is deployed it's part of our security policy, right? And has posture already in place
242
00:31:42.010 --> 00:31:46.889
Philip Sellers: One. The policies can be applied by categories inside of new tanks. So
243
00:31:46.990 --> 00:31:55.389
Philip Sellers: you know you. You also get auditability, and you know where those elements are at, and it's an easy change. I mean the simplification.
244
00:31:55.430 --> 00:31:56.640
Philip Sellers: I think
245
00:31:56.850 --> 00:31:59.180
Philip Sellers: it is a huge part of
246
00:32:00.030 --> 00:32:01.520
Philip Sellers: of the story there
247
00:32:01.810 --> 00:32:11.600
Harvey Green: absolutely, you know, I mean. And we talked through already some of those pieces, and being able to to do that, you can do that by, user so that you have
248
00:32:11.630 --> 00:32:17.049
Harvey Green: certain sets of users who get certain policies, and then you can to it by machine.
249
00:32:17.130 --> 00:32:20.149
Harvey Green: which again, like we're talking about. Now, you know you
250
00:32:20.240 --> 00:32:26.300
Harvey Green: add a domain controller. It gets the Domain Controller policy. You add a print server that the prints are a policy like
251
00:32:26.330 --> 00:32:31.900
Harvey Green: You've got the ability from from day one from as soon as those machines are built.
252
00:32:31.960 --> 00:32:36.819
Harvey Green: to have them already in the policy. The first time that they boot up.
253
00:32:40.070 --> 00:32:44.690
Andy Whiteside: So, guys, this the next one is maintain regulatory compliance.
254
00:32:46.160 --> 00:32:53.650
Andy Whiteside: You know it's a necessary evil at this point one, so you can get your insurance policy in 2, so that the world of governance can make sure that we're
255
00:32:54.310 --> 00:33:00.319
Andy Whiteside: that everybody that meets certain has certain regulatory compliance. Certification needs
256
00:33:00.410 --> 00:33:02.840
Andy Whiteside: is attempting to
257
00:33:03.520 --> 00:33:08.020
Andy Whiteside: comply with what what the industry has said is necessary.
258
00:33:08.300 --> 00:33:20.060
Harvey Green: Yeah. But again, you know, having having the ability to have visibility from the front, I already helps you, because when you can go and actually
259
00:33:20.150 --> 00:33:39.099
Harvey Green: prove that this is the way this is set up and show someone who doesn't work in networking every day or doesn't work in his handics every day something simple where they can understand. Okay, this line goes from here to here. That line doesn't go anywhere like. They can understand that pretty easily.
260
00:33:39.380 --> 00:33:43.220
Harvey Green: So the ability to take that with
261
00:33:43.420 --> 00:33:56.179
Harvey Green: pretty, you know, not not a high level of effort to pull that down and actually put it in front of somebody who can, you know, pass a failure from an audit perspective. I I think it's pretty important.
262
00:33:56.940 --> 00:34:15.320
Jirah Cox: I think it's that. I think it's Also, we we can all think of of past customers, past jobs where it's been like, okay, this is this: this: this system's in scope for a certain audit or certain control, one of the easiest ways for the business to sort of get the assurance they need. There is, give it a silo right? It gets on storage, and it's on compute its own whatever
263
00:34:15.429 --> 00:34:21.699
Jirah Cox: which works. But there's some inherent kind of waste there. And and with this being a way to apply security policy
264
00:34:21.820 --> 00:34:33.099
Jirah Cox: makes into a larger environment. If that if that satisfies the controls, then that actually gets more efficiency right, fewer admin teams, or better human to managed Vm. Ratio
265
00:34:33.510 --> 00:34:37.850
Jirah Cox: and and better density. Better use of the resources
266
00:34:38.370 --> 00:34:39.699
Jirah Cox: combined with.
267
00:34:39.860 --> 00:34:45.130
Jirah Cox: If you're going for regular regulatory compliance, the more you can automate that the better Your posture.
268
00:34:45.199 --> 00:35:03.500
Jirah Cox: anyway. Right? You don't want that to be a human controlled process or a bunch of one offs right because people make mistakes. We've made mistakes on this podcast, but the more I can automate all of that, you and the other, we no Harvard, I mean mistakes like bucket. The the more you automate right, the more repeatable something becomes.
269
00:35:04.590 --> 00:35:17.929
Philip Sellers: Well, that's it. I mean, remove. Remove the human factor, right? I mean, across this whole thing, whether we're talking about the automation of the security controls, or whether we're talking about who we trust and not trusting, are. Are you.
270
00:35:18.070 --> 00:35:24.569
Philip Sellers: you know, client workstations and things like that. I mean it. It's the human factor that's often
271
00:35:24.840 --> 00:35:26.590
Philip Sellers: the the trip point.
272
00:35:27.270 --> 00:35:27.890
No.
273
00:35:29.060 --> 00:35:40.060
Andy Whiteside: So, guys, I think we can sum this up by talking about Newtonics as a company being about providing platforms, and one of the platforms is, of course, the Acropolis operating system for the storage piece.
274
00:35:40.070 --> 00:35:55.530
Andy Whiteside: but throw into that the Acropolis hypervisor for the hypervisor piece of what's needed, and then you start laying across that, lots of technologies flow, being one that it's starting to AIM towards that platform as a service
275
00:35:55.650 --> 00:36:05.729
Andy Whiteside: from your data center, the vendor, the partner data center from the cloud, and all of that being able to be managed from one pane of glass
276
00:36:06.800 --> 00:36:07.799
platform.
277
00:36:08.130 --> 00:36:16.169
Jirah Cox: Totally totally. And it's not. It's not the one silver bullet right? It exist as part of a spectrum of protection and a spectrum of recoverability. Right? So it exists with
278
00:36:16.200 --> 00:36:23.990
Jirah Cox: snapshots that you can get to in, and seconds worth of notice and backups as well that are therefore more immutable, and they're like indexed and longer. Attention
279
00:36:24.080 --> 00:36:29.150
Jirah Cox: and snapshots are not backups. Backups are not snapshots, but you probably want both.
280
00:36:29.280 --> 00:36:36.000
Jirah Cox: You know role based access for my administrators, and who can see what? But yes, to your point. It's all part of the same platform.
281
00:36:36.020 --> 00:36:43.479
Jirah Cox: you know, end users that can pull back their own data from those snapshots right without even bugging an admin or opening a ticket with it.
282
00:36:44.620 --> 00:36:54.600
Jirah Cox: and even detecting, like, whenever I found one of. I had evidence of compromise in my in my environment. So this is kind of one facet of the entire protection and recovery story.
283
00:36:54.990 --> 00:36:55.549
No.
284
00:36:56.570 --> 00:36:57.979
Andy Whiteside: Philip.
285
00:36:58.240 --> 00:36:59.549
Andy Whiteside: Thoughts on
286
00:37:00.390 --> 00:37:01.360
Andy Whiteside: what we cover.
287
00:37:04.070 --> 00:37:16.549
Philip Sellers: I know this article doesn't go into it, but there's so much more here, so I can't wait for part 2. When we dig into some of the the other features that are here. But from a security perspective.
288
00:37:17.010 --> 00:37:20.979
Philip Sellers: I mean, we can't. We can't stick our head in the sand and act like
289
00:37:21.170 --> 00:37:25.200
Philip Sellers: It's okay to leave everything wide open anymore.
290
00:37:25.380 --> 00:37:30.570
Philip Sellers: You know we we're at an inflection point. Now Gyra talked about it at the very beginning where
291
00:37:30.590 --> 00:37:35.030
Philip Sellers: insurance companies are talking about removing coverage. I know
292
00:37:35.050 --> 00:37:36.100
Philip Sellers: cyber
293
00:37:36.540 --> 00:37:38.370
Philip Sellers: conversations that
294
00:37:39.260 --> 00:37:55.859
Philip Sellers: our customers and past experience. They're becoming more and more stringent. They're looking deeper into the network, trying to ensure that if they are gonna cover you, you're doing the right things. This is gonna be one of those right things that that our customers should be doing, and
295
00:37:55.960 --> 00:37:57.450
Philip Sellers: should be
296
00:37:57.880 --> 00:37:59.970
Philip Sellers: working on in their environments.
297
00:38:01.540 --> 00:38:03.140
Andy Whiteside: Well, and for me.
298
00:38:03.680 --> 00:38:07.070
Andy Whiteside: as much as I wish the world didn't have to be this way. It all comes down to money.
299
00:38:07.330 --> 00:38:13.889
Andy Whiteside: So if it comes down to you, you you're going to pay more, or you're not going to get covered, for you know, potential risk of losing money.
300
00:38:14.250 --> 00:38:16.710
Andy Whiteside: That's what drives these solutions
301
00:38:16.890 --> 00:38:17.970
Andy Whiteside: in the
302
00:38:18.440 --> 00:38:20.099
Andy Whiteside: in the mid to long run.
303
00:38:20.430 --> 00:38:23.090
Andy Whiteside: whereas technologies, you know county
304
00:38:23.340 --> 00:38:27.769
Andy Whiteside: kind of want these things. It's the ability to financially justify it or require it
305
00:38:28.020 --> 00:38:30.189
Andy Whiteside: that always get us back to.
306
00:38:30.280 --> 00:38:31.409
Andy Whiteside: Yeah, follow the money.
307
00:38:31.880 --> 00:38:35.780
Jirah Cox: Yeah, you're right. We don't. I don't really handle pricing
308
00:38:35.810 --> 00:38:38.099
Jirah Cox: per se but the fact that this is included
309
00:38:38.350 --> 00:38:40.809
Jirah Cox: is pretty meaningful to a lot of people making decisions.
310
00:38:40.850 --> 00:38:54.739
Jirah Cox: and, in fact, it's so easily configured. Right also means that this is not going to be, you know, 6 months, 12 months, you know, multiple comma's worth of science projects to get enabled.
311
00:38:55.070 --> 00:38:56.339
Harvey Green: Yeah, yeah.
312
00:38:56.670 --> 00:38:57.399
okay.
313
00:38:57.430 --> 00:39:00.060
Andy Whiteside: these are basic things. Everybody needs
314
00:39:00.090 --> 00:39:02.499
Andy Whiteside: figure out a way to make it part of the solution.
315
00:39:02.950 --> 00:39:03.700
Andy Whiteside: not
316
00:39:03.840 --> 00:39:06.240
Andy Whiteside: keep everything one more license away
317
00:39:06.410 --> 00:39:08.049
Andy Whiteside: from what we own.
318
00:39:08.820 --> 00:39:12.670
Philip Sellers: They also seem to understand that it needs to be simple to consume
319
00:39:13.430 --> 00:39:15.839
Jirah Cox: of the tech and the licensing. Yep.
320
00:39:15.910 --> 00:39:18.370
Philip Sellers: yeah, absolutely. I mean, the
321
00:39:18.440 --> 00:39:30.269
Philip Sellers: the implementation is that Harvey talked about is simple. That goes a long way to accessibility and success with your implementations.
322
00:39:30.910 --> 00:39:31.560
Yeah.
323
00:39:32.930 --> 00:39:33.910
Harvey.
324
00:39:34.400 --> 00:39:35.479
Andy Whiteside: Anything else to
325
00:39:35.720 --> 00:39:51.649
Harvey Green: just for fun, for for those that don't believe in micro segmentation when you go home today, like all your doors, like all your windows, and then knock down every wall and every door in your house.
326
00:40:09.270 --> 00:40:11.069
Andy Whiteside: Lock all your windows.
327
00:40:11.380 --> 00:40:15.599
Andy Whiteside: and then make your Wi-fi a wide open password or something
328
00:40:16.230 --> 00:40:24.660
Harvey Green: no, even even more physical. Just just not down all your walls and and all your doors.
329
00:40:24.690 --> 00:40:28.030
Harvey Green: Umhm, that that your network with no micro segmentation.
330
00:40:30.260 --> 00:40:42.440
Jirah Cox: If you want an easier way to learn about it. If you go to a blog post there's a link to the text test, drive experience where you can hop on to a live running cluster from your browser at home. If you want to as well
331
00:40:42.550 --> 00:41:02.380
Jirah Cox: walls your choice and and try it out where you can start configuring policies and flow right away and get some hands on experience there. So look! I can't go home tonight and sleep till somebody explains to me what that man is talking about. If you If you didn't believe us that we don't edit these.
332
00:41:02.500 --> 00:41:06.359
Jirah Cox: maybe you do.
333
00:41:06.380 --> 00:41:18.479
Harvey Green: What's he talking about? Lock your doors, lock your windows. Yeah, that's just your North South traffic. Lock your doors like your windows. Nothing I can get in. Nothing from the inside can get out unless you give it permission.
334
00:41:19.150 --> 00:41:37.320
Jirah Cox: Are you saying? Not down all the walls inside the house interior walls, interior doors let's hold in the roof. That's got to go on your list Army alright, so let me add it out. Okay.
335
00:41:37.730 --> 00:41:42.330
Andy Whiteside: So lock your doors, lock your windows, knock down all your interior walls.
336
00:41:42.410 --> 00:41:46.719
Andy Whiteside: and then go, you know. Go take your clothes off and see if you feel
337
00:41:51.560 --> 00:42:00.709
Andy Whiteside: I I I get dressed in my closet more often than not these days, because I just walks in, and i'm like, what?
338
00:42:01.890 --> 00:42:08.389
Andy Whiteside: Yeah? All right, guys. Well, I think we've had fun. I get the promise to my wife. I'd be home by 50'clock every day this week.
339
00:42:08.510 --> 00:42:13.840
Andy Whiteside: because i'm never home. So I gotta go
340
00:42:13.980 --> 00:42:16.200
Andy Whiteside: until next time. Guys. Thank you.
341
00:42:16.380 --> 00:42:18.259
Philip Sellers: Thank you.