skip to main content
We use cookies to ensure you get the best experience on our website. By continuing to use the site, you consent to our use of cookies. Read more about our use of cookies and how you can control them at
Presidio Logo
Phone Handset

Maintaining Security: On Premises to Cloud and Back Again

Many businesses want to take advantage of cloud economics and flexibility, but they have concerns about the security of workloads that move between the controlled environment of an on-premises network and the cloud. The good news is that VMware NSX can help a business address these concerns and give it the flexibility to move workloads to a cloud environment and back without compromising security or creating more complexity for IT.

by Mark Vaughn, Director, Strategic Technology Group, Friday, 18 May 2018
Maintaining Security: On Premises to Cloud and Back Again
Maintaining Security: On Premises to Cloud and Back Again

When workloads migrate between on-premises and cloud environments, the differing security postures for those different environments can cause a problem. You might secure a workload one way on-premises and a different way in the cloud. Those differences are a barrier to seamless portability —which is one of the reasons a cloud environment was so attractive as a complement to an on-premises data center in the first place.

In a traditional networking model, security is tied to IP addresses, ports, and local firewalls. When you move the workload from an on-premises environment to the cloud, it exists outside of those security constraints that are inside the enterprise firewall. The challenge is to maintain the same security parameters in the cloud that exist inside the on-premises firewall. But maintaining consistency across the two environments can be incredibly difficult, especially as the networking environment becomes more complex and the volume of workloads multiplies.

With NSX, you can protect the workload every place it moves. NSX can even help secure workloads on the same machine by preventing any sort of interaction between them-- controlling east-west traffic that can be otherwise difficult to monitor and manage. The networking and security policies associated with the workload become linked to the virtual machine and move with it. The security posture remains the same, whether the workload originated on-premises or in the cloud, and regardless of where it moves. The settings and policies stay consistent as the workload moves back and forth between on-premises and cloud environments.

To take advantage of this portability, the enterprise needs to ensure that the initial security posture established through NSX is rigorous and comprehensive from the outset. This is where a knowledgeable partner like Presidio can add value. They can help the business establish the appropriate protocols and policies for the workloads to ensure consistency across both the on-premises and cloud environments.

This portability is possible because NSX abstracts networking and security from physical hardware much the same way vSphere abstracts server workloads. The enterprise can define the security posture once, and apply that blueprint to other workloads. Once defined, the policies move with the virtual machine, even if that’s into the public cloud or another data center location.

To understand the value of this portability, consider the example of a business that has grown rapidly through multiple overlapping acquisitions. The integration of companies translates into a rapid pace of change in the data center. It’s an ongoing challenge to maintain current workloads and to predict the needed capacity for new workloads coming in. IT has to anticipate power, cooling, floorspace, and cabling needs with the knowledge that those needs will change with a new acquisition — and the planning process will begin again. The business could play a never ending guessing game, or it could look to VMware Cloud on AWS for the additional infrastructure it needs. Instead of adding servers to its existing data center and establishing new security policies and postures with each acquisition, the business can tap into the on-demand resources in the cloud — with the option of moving workloads back on-premises if and when needed. If the business is facing long lead times for a storage array or a server for on-premises, it can move the workload to the cloud until the hardware is ready and available.

In essence, the portability that NSX makes possible actually helps to future proof the business. With the flexibility to scale up or down and securely move workloads when needed, IT can deliver whatever capacity the business needs, whenever needed. Expand out to take advantage of a competitive opportunity, or to test out a new innovation, and speed time to market because the security and networking policies are already defined and easily applied.

Presidio Logo
Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions. We deliver this technology expertise through a full life cycle model of professional, managed, and support services including strategy, consulting, implementation and design. By taking the time to deeply understand how our clients define success, we help them harness technology advances, simplify IT complexity and optimize their environments today while enabling future applications, user experiences, and revenue models.
Phone Handset
Terms    |    Privacy    |    Cookies    |    Careers
© 2021 Presidio, Inc. All rights reserved.