This new software-defined, cloud-native infrastructure that most in the technology industry can’t stop raving about isn’t all champagne and confetti for one particular group of IT pros: security teams. They are expected to evolve breach and threat detection at the pace of innovation, which is pretty break-neck these days. Many are asking, what good is a traditional firewall for this new infrastructure? According to some, the answer is “not much.”

Rajiv Ramaswami, EVP and GM of Networking and Security at VMware, Inc., said that security has to happen where the bulk of traffic is — inside the data center. “Ninety percent of your traffic happens inside the data center,” he told John Furrier (@furrier) and John Troyer (@jtroyer), cohost and guest host of theCUBE, from the SiliconANGLE Media team, during VMworld 2016. “You really can’t protect that with traditional firewalls. There’s just way too much traffic,” he said.

A new security philosophy

Ramaswami said that microsegmentation at the level of the hypervisor is needed to block threats in the mainstream of traffic.

“This is really the only way you can actually secure applications in a good manner, in a scalable manner,” he explained. He said VMware’s NSX networking security services can achieve this.

Consultation automation

Ramaswami explained how NSX can help companies understand their security needs — automatically.

“You put NSX into your network, it automatically looks at everything that’s going on, and it comes up and says, ‘Hey, based on what I’m seeing, I recommend this set of rules.’ You can decide either to adopt those rules or modify them, and then push button, click, get it enforced,” he said.

Watch the full interview below, and be sure to check out more of SiliconANGLE and theCUBE’s coverage of the VMworld 2016.

Photo by SiliconANGLE