Информационное Руководство для Cisco Cisco Virtual Security Gateway for Nexus 1000V Series Switch
Business Challenge
CareCore National is a specialty benefit-management company that pioneered
evidence-based medicine for treatments. Doctors and nurses access CareCore’s
decision-support systems to obtain prior authorization for procedures such as
magnetic resonance imaging (MRI). CareCore applications are hosted on a private
cloud built with the Vblock Infrastructure Platform, which includes Cisco UCS
evidence-based medicine for treatments. Doctors and nurses access CareCore’s
decision-support systems to obtain prior authorization for procedures such as
magnetic resonance imaging (MRI). CareCore applications are hosted on a private
cloud built with the Vblock Infrastructure Platform, which includes Cisco UCS
™
B-Series Blade Servers, Cisco Nexus
®
7010 at the backbone, and Cisco
®
Nexus
1000V Distributed Virtual Switches at the access layer.
The CareCore IT team needed an efficient way to isolate training server VMs from
production server VMs. The training VMs and production server VMs belong to the
same network domain, so isolating training VMs previously required four pages of
security rules, based on source and destination IP addresses. Enforcing firewall
security policies based on VM attributes instead of IP addresses would lower
management overhead and the risk of configuration error.
production server VMs. The training VMs and production server VMs belong to the
same network domain, so isolating training VMs previously required four pages of
security rules, based on source and destination IP addresses. Enforcing firewall
security policies based on VM attributes instead of IP addresses would lower
management overhead and the risk of configuration error.
Solution and Results
CareCore National significantly simplified firewall security policies by creating logical
trust zones using the Cisco Virtual Security Gateway (VSG) for the Cisco Nexus
1000V Switch. “The Cisco VSG met our VM security needs, and its VM-aware
rule engine allowed us to re-think the way we write security policies,” says William
Moore, executive vice president and chief technology officer for CareCore National.
trust zones using the Cisco Virtual Security Gateway (VSG) for the Cisco Nexus
1000V Switch. “The Cisco VSG met our VM security needs, and its VM-aware
rule engine allowed us to re-think the way we write security policies,” says William
Moore, executive vice president and chief technology officer for CareCore National.
Benefits of the Cisco Nexus 1000V and VSG in CareCore’s environment include:
•
Simplified security policy: Three VM context-aware rules have replaced four pages
of network access control rules, minimizing management overhead and practically
eliminating the risk of configuration errors that could jeopardize production servers.
of network access control rules, minimizing management overhead and practically
eliminating the risk of configuration errors that could jeopardize production servers.
1 © 2012 Cisco and/or its affiliates. All rights reserved.
Executive Summary
Customer Name:
CareCore National, LLC
Industry:
Healthcare Insurance
Number of Employees:
1200 Employees
Business Impact
• Simplified server access control,
condensing four pages of rules to
three lines
• Reduced risk of inappropriate access
to resources
• Minimized server costs
• Accelerated new server provisioning
• Accelerated new server provisioning
Customer Case Study
Benefits Administrator Simplifies
Security Policies