Micro-segmentation is becoming a key security technique, helping to bring fine-grained security to data centre applications, down to the workload level. This approach enables security models to be deployed deep inside a data centre, using a virtualized, software-only approach.
In my view, micro-segmentation must be implemented, or at least considered, in every data centre so that only legitimate traffic is allowed to pass for VM-to-VM communication in the same segment (L2 network).
You will all agree that HCI (hyper-converged) technology is being deployed in every data centre, consolidating storage, servers, virtualization and backup into a single package managed through a single pane of glass. But we must also look at software-defined networking, which here is nothing but the micro-segmentation feature: it incorporates this functionality without requiring additional software or management tools, in the same single pane of glass, so that administrators have greater control over their applications and visibility into how they operate.
I found that Nutanix HCI provides centralized management for virtualized data centre environments. Administrators can use Prism, which is a management console, in conjunction with AHV to carry out such tasks as cloning and securing VMs. It simplifies deployment and maintenance operations, including scaling and optimization. It serves as the control plane for the network infrastructure. Because of its integration with AHV and Prism, Nutanix Flow (SDN) works seamlessly with the entire Nutanix Enterprise Cloud platform.
The Nutanix Flow architecture
To protect network resources, Flow incorporates micro-segmentation, a process of segmenting virtual networks and applications to control communications between logical boundaries. With micro-segmentation, administrators have granular control over all traffic in and out of VMs, helping to increase application security while simplifying policy management.
Administrators can combine policies and policy types to build complete security for their applications. Nutanix Flow also provides the tools necessary to visualize communications between the VMs that support the applications, helping administrators better understand how to implement their policies across the entire infrastructure.