Indevops VCF Promotion

Indevops VCF Promotion

Why Indevops VCF Promotion?

❓Is the purchase of VMware licenses by Broadcom in its new edition keeping you up at night?
❓Not sure which package is the best fit for your IT environment?
❓Wondering how to justify the increased costs of the solution to your        management?

 

INDEVOPS is here to help!

Since 2017, we have specialized in implementing VMware environments. As one of the few VMware Premier Partners, we have a proven track record of successful deployments for clients of all sizes—large, medium, and small.
Thanks to our VMware TAP (Technology Alliance Partner) partnership, we can not only implement but also integrate VMware software with the rest of your IT infrastructure, ensuring comprehensive and optimized solutions.

💣Take advantage of our special offer and learn more. Details can be found here:
👉https://www.indevops.com/en/vcf-adoption-2/

picture of a hero section with text VMware Cloud Foundation by INDEVOPS and contact button

By choosing Indevops, you’re opting for experience, expertise, and reliability.

Have you heard of anyone speaking positively about Broadcom’s acquisition of VMware?

Have you heard of anyone speaking positively about Broadcom’s acquisition of VMware?

It’s great! It’s great, so what’s it all about?! 😎

As we all know the acquisition of VMware by Broadcom has become a reality. It’s been rumored on the web for a long time, and now the rumble is even bigger. New facts came out: new packages, new prices, no more licenses, subscriptions, add-ons…(more on that in a moment).

I’ve been reading various publications on the subject, foreign and Polish, and I haven’t come across any purely positive article (except for Vmware’s blog). In general, everyone writes that prices are higher, that they “went overboard”, that it caused 💣 😉 . When information about benefits appears, it’s the kind that appeals to me on average: “greater development outlay”, “faster time to value”, “predictable investment”. Overall, the tone is strongly neutral. Even AI concludes “Customers need to weigh all the pros and cons.” 😜

In addition to the reviews, there is also a rash of all kinds of competitive announcements like „hey, as you know there’ve been some changes in VMware, and here we have this interesting extra solution that replaces it”, even from Vmware partners(!).

The Policy of Truth 🙃

On the web you will find information about how the price list or an explanation of the simplification is now, so I will not go into detail here. I would like to present my own truth. In our context and that of the clients we serve.

Simply “simple”

Well, finally there is an end to combinations with licenses, grasping at straws, which took “days” (several months) of analyzing, determining, adding and subtracting. From my point of view, it was some kind of massacre. I have a certain client (still a potential one) who, for the past three years, has approached me from time to time: “how about such a variant, how about such a variant, how about per CPU, how about a subscription.”. And I, like a fool, threw everything and reminded myself what was there, what could be, whether it is current, whether prices have changed. In January he came forward and …. declared that he would finally have orchestration for the whole environment, and the price with a discount was better than what was prepared for him the last time.

Now it’s simple and straight to the point: you take it or you dont. If you took it, then maybe you could still add Add-On: 1, 2 and 3. Of course, the price may come out (I do not write “comes out”) higher, but how many additional out of the box functionalities you may have.

Of course, it can come out more expensive, but it doesn’t have to, as the example above shows. And from our tests it even comes out that the higher package, can be cheaper than the lower package.

New functionalities

And this is where the people from the first part of the post respond: “but why do I need it, I don’t need it”. And I reply, “Well you do need it, and do you know why? No? Well, listen, newbie” 😜.

Everything is monitored

The topic of monitoring in IT is as old as the IT world. How many of you have gone through “X” monitoring systems? And how many of you have “Y” monitoring systems? Or do you have one system (in terms of its manufacturer), but its seven instances? 🤔

Now in each subscription package you get an advanced monitoring system that will handle your entire environment. Well, three systems 🙂 but:

·        efficiently exchanging information with each other (integrated)
·        complementary to each other (metrics, logs, flows)
·        true “combos” (functionality and scalability)
·        covering the entire IT stack in the datacenter (branches too)

But how? Well:

·    In the lower suite (VMware vSphere Foundation) you have tools to monitor hardware metrics, i.e.: servers, arrays, network switches, control panels, air conditioners (yes, yes, about that in a moment) and events from the entire IT stack

·    metrics monitoring – Aria Operations (formerly vRealize Operations Manager)
·    log monitoring – Aria Operation for Logs (formerly vRealize Log Insight)

·    in the higher suite (VMware Cloud Foundation) there are database and application metrics, i.e. for example Oracle, MySql, MSSQL, application interiors (yes, yes about that also in a moment), as well as network analysis

·    additional functionalities in the aforementioned software
·    network monitoring – Aria Operation for Networks (formerly vRealize Network Insight)

Where is my opinion coming from? Because we’ve been implementing and maintaining these software products for more than 6 years, we’ve already developed a practice to make it happen quickly and efficiently, and to make it fit organizations of all sizes, to have everything from hardware to applications visible in one place, along with business services, infrastructure layers, both for customers as service providers, applications or cloud infrastructure and resources. You get your hands on really valuable tools.

What makes monitoring software from VMware’s stable stand out? This is obviously a text for a separate article (or a podcast, which you can listen to here). I think we will publish something more soon.

Orchestration aka Automation

How much time do you spend on configuration per day or per month? Such daily clicking in the GUI of basic things, mundane issuance of VM’s, copying data between systems, setting up accounts in different systems, etc. You could mention many examples here. And you don’t even know how many errors and “misconfigurations” will happen to you during these activities. 🙂

Orchestration, interchangeably called Automation, associated with the buzzwords Infrastructure as Code, GitOps, CI/CD and even confused with RPA, comes to the rescue in such situations. An important advantage of automation, besides the fact that it standardizes, speeds up processes, improves security, introduces compliance, is learning! 🙂 Because it requires a person not to write code, but to think about how the process should look, what should happen, in what order, etc. And there is also another asset: collaboration!!! 🙂 Because orchestration makes not only systems work together, but also people. 🙂

In the second subscription package you get the full-featured VMare Aria Automation orchestration tool. Full-featured because we have been using it for 6 years and we know it inside out. Moreover, we have recently compared orchestration tools from various leading manufacturers for one client, and Aria holds the level (by the way, they all came out comparably). Nevertheless, price-wise, considering that Aria Automation is now with everything else, it is second to none.

More about automation-orchestration in the next VMware podcast soon. How about publishing the aforementioned comparison?

Other: Security, Storage and Containers

We also have other pieces in this puzzle that give us security, agility, learning:

  • software definded networkig, or NSX with all aspects of easier network management and security
  • software definded storage, or vSAN, or the elimination of disk arrays (oh, here I hear the noise of discontent 😜)
  • containerized applications, i.e. Tanzu Kubernetes (a lot could be written here)

And what’s next?

INDEVOPS as a VMware Premier Partner

We were one of several companies in Poland to receive this status. There are 2 more companies with international coverage at Strategic level.
I am very proud, because it was deserved by the whole team, whose work, dedication, energy, translates into the trust of customers, as well as our partner VMware already “by Broadcom.” 🙇 We, Indevops, such a small bunch of people, who there in the recess of the garage, was patting configurations. Local business, which is trusted by the giants of the Polish market. A COMPANY that has always put the customer first, that has gone the extra mile to make sure the CUSTOMER has the best. We want to thank the VMware Poland team for this award. We thank you dear customers for your trust. “We are here to serve you”.

Maybe this message should be at the beginning 😉 Well, no, because I don’t like to eulogize. But the intention of the post was to show the positive benefits of the VMware changes. I hope I managed to breathe that positivity into all of you.

So?

You don’t start a sentence with “so” 😜

Look at changes positively. Because there is nothing more constant in life than changes 🙂 Fight for discounts at VMware. We will do your implementations, maintain your environment. We’ll think together how to make you, and us, and even VMware, happy 🙂 We’re all in the same boat.

Are you having trouble with pricing, overpricing, deployment, maintenance? Let’s talk. We are waiting for you with open hands.

Good luck 🙂

Sample sources:

AI analysis:

  • Pros:
    • Investment in innovation: Broadcom has pledged to increase VMware’s R&D investment by 20%. This could accelerate the development of existing VMware products and services, as well as lead to innovative new solutions. Greater investment may also accelerate the integration of VMware with Broadcom products, which could benefit customers using both platforms.
    • Strengthening leadership position: The combination of VMware and Broadcom will create a powerful player in the virtualization and cloud market. This could provide customers with more choice and access to a wider range of solutions. The strengthened leadership position may also lead to greater stability and security of the VMware platform, which is important for companies that rely on it for their operations.
    • Synergy and optimization: Broadcom has extensive experience in software and IT infrastructure. Combining this expertise with VMware’s experience can lead to synergies and optimization in various areas, such as:
    • Developing new cloud solutions
    • Streamlining infrastructure management
    • Cost reduction
    • Access to a wider range of solutions: Broadcom offers a wide range of IT solutions, including software for network, security and performance management. After the acquisition, VMware customers will have access to these solutions, which can help them improve their IT infrastructure.
    • Growth opportunities for employees: The acquisition could create new growth opportunities for VMware employees. Broadcom is a large company with a global reach, which could mean more opportunities for advancement and professional development for VMware employees.
  • Cons:
    • Price increase: Broadcom has a reputation for seeking to maximize profits. There is concern that after the acquisition there may be price hikes in licenses for VMware products. This could negatively affect customers, who will have to pay more for the same products and services.
    • Strategy and priorities change: There is concern that Broadcom may change VMware’s strategy and focus on areas other than those that are important to customers. This could lead to the neglect of VMware’s key products and services, negatively affecting customers.
    • Impact on integration and compatibility: It is unclear how the acquisition will affect VMware’s integration with third-party products. There is a risk that integration could become more complicated, which could make it more difficult for customers to use different solutions.

Summing up:

The acquisition of VMware by Broadcom carries both potential benefits and risks. It is important for customers to carefully consider all aspects of this transaction before drawing any final conclusions.

EU Directive NIS2 – how to prepare your company for changes?

EU Directive NIS2 – how to prepare your company for changes?

EU Directive NIS2 - how to prepare your company for changes?

The NIS2 Directive (Network and Information Systems Directive 2) must enter into force in Polish law no later than October 17, 2024. The main purpose of the NIS2 Directive is to define the minimum provisions that Member States should implement to reduce the risk of cybersecurity incidents.

NIS2 encourages Member States to introduce regulations that will require supply chain demonstration, vulnerability management, basic internet services, and the application of cyber hygiene principles. Automation and monitoring of IT infrastructure will be essential practices that will significantly facilitate and reduce the workload of the NIS2 directive implementation process, especially since maintaining compliance with NIS2 is a continuous process.

In today’s complex IT world, we cannot do without tools for continuous monitoring and automatic detection of vulnerabilities, tracking incidents, as well as optimizing the environment, measuring performance, costs and maintaining compliance with policies for maintaining a healthy, i.e. safe, data processing environment. On the other hand, the multitude and specificity of tools often necessitate the use of many tools. VMware, a leading provider of data processing platforms in the public cloud and data center (private cloud), has monitoring and automation solutions that can constitute single points of supervision over the entire IT, taking into account the security aspects of various domain tools.

INDEVOPS specializes in implementing monitoring and automation solutions using VMware products. INDEVOPS activities respond to the needs of monitoring and orchestration of the complete IT area, from hardware to applications, from data centers through remote units to the public cloud, implementing solutions in small and medium-sized enterprises as well as the largest companies in Poland.

What is NIS2?

The NIS2 Directive (Network and Information Systems Directive 2) entered into force on January 16, 2023. We now have 21 months to implement it into national law. Currently, the Act of July 5, 2018 on the national cybersecurity system is in force, which requires amendment due to changes in NIS2. On July 11, parliamentary committees decided to hold a public hearing on this project. As of October 16, 2023, work is still ongoing, which means that without an amendment to the KSC Act, NIS2 cannot yet be used. However, time passes and it is worth familiarizing yourself with the purpose and requirements of this directive, which must enter into force in Polish law no later than October 17, 2024.

The topic of cybersecurity is very important in the European Union. Following an audit of the functioning of the directive introduced in 2016, it turned out that Member States were implementing EU rules in this area, but to varying degrees. Therefore, the main objective of the NIS2 Directive is to define the minimum provisions that Member States should implement to reduce the risk of cybersecurity incidents. In addition, NIS2 requires updating sectors and activities, introducing corrective measures and enforcement measures. We will all benefit from the introduction of these regulations and the harmonization of minimum provisions, and the greatest financial relief will be felt by companies that offer cross-border services and have to deal with differences between countries in the field of cybersecurity.

Is NIS2 just a whim of the European Commission or are there benefits from its use?

Looking at the provisions and requirements of the directive, the only thing that member states will be “forced” to do is to increase the level of security, because so far countries have had different approaches to it. In the “cyber” world, this approach is especially appropriate. The specific benefits of applying the NIS2 directive include:

  • increasing resistance to cyber threats;
  • increasing the ability to respond to cybersecurity incidents and crises;
  • increasing awareness and education in the field of cybersecurity among citizens and entities;
  • increasing the protection of fundamental rights and the security of personal data in cyberspace (GDPR);
  • increasing trust in the digital internal market and the competitiveness of European digital entities.

Which entities need to implement NIS2?

Entities will be obliged to take measures to increase the level of cybersecurity:

  • cross-border service providers, such as DNS and TLD registry providers, domain name registration providers, cloud providers, edge computing and data center services (referred to as core internet services);
  • from sectors important for the economy and society, e.g. energy, transport, banking, financial market infrastructure, health care, drinking water, waste, chemical and nuclear production;
  • from digital sectors, e.g. social media service providers, data sharing services, content sharing services, internet search services and email services.

An important fact is that the NIS2 directive encourages Member States to introduce regulations that will require the demonstration of the supply chain, i.e. the identification of all entities involved in the provision of cyberspace-related products or services, such as manufacturers, suppliers, distributors, integrators, operators or end users. Therefore, entities will have to demonstrate all elements used in data processing, both internal and external.

Size or importance of the enterprise?

The provisions of the NIS2 directive will have to be implemented by large and medium-sized enterprises, and other entities (even small or micro-enterprises) – if they meet specific criteria indicating a key role for society, the economy or specific sectors and types of services. It is worth consulting with people responsible for legal services now to assess whether and to what extent your company is subject to NIS2 requirements.

It is worth adding that the NIS2 directive stipulates that the risk management measures implemented and their costs should be proportional to the entity, without imposing too high administrative and financial burdens on entities.

Cyber ​​hygiene – prevention is better than cure

Cyber ​​hygiene - prevention is better than cure

The slogan “prevention is better than cure” is also important in cybersecurity and refers to the application of cyber hygiene principles – a set of good practices: behaviors and measures that are able to prevent cyber threats. This concerns the protection of network infrastructure and IT systems, the security of hardware, software and Internet applications, and the protection of company and end-user data.

On the one hand, these requirements will include the purchase of appropriate products and services, and on the other – documenting, training and providing regular training to employees, e.g. regarding the recognition, assessment and management of cybersecurity risks. In addition to efficient (up-to-date) ICT systems, it is important to build awareness and educate employees of entities using NIS2D in the field of cybersecurity. Trained and aware of cyber threats employees will guarantee quick and correct threat identification and then cyber security risk management.

Risk management measures

Risk management measures referred to in Art. 21 of the NIS2 directive, are divided into technical, operational and organizational and concern the following aspects of cybersecurity:

a) risk analysis and security policies for IT systems;

b) handling the incident: detecting, reporting and documenting its course to repairing its effects;

(c) business continuity, e.g. backup management and emergency recovery, and crisis management;

(d) supply chain security, including security aspects relating to the relationship between each entity and its direct suppliers or service providers;

e) security in the process of acquiring, developing and maintaining networks and IT systems, including dealing with vulnerabilities and their disclosure;

(f) policies and procedures to assess the effectiveness of cybersecurity risk management measures;

g) basic cyber hygiene practice and cybersecurity training;

(h) policies and procedures for the use of cryptography and, where appropriate, encryption;

i) human resources security, access control policy and asset management;

(j) where appropriate, the use of multi-factor or continuous authentication, secure voice, text and video calls and secured intra-entity communications systems in emergency situations.’

This list can be summarized as a typical “arsenal” of selected safeguards described in the ISO 27001 standard, in Annex A. It is worth adding here that the NIS2 directive does not impose or favor any of the technologies, although it indicates standardization (Article 25 ) as a way to support the consistent implementation of cybersecurity management measures. In our opinion, if an entity uses standardization, it has already developed habits similar to standardization under Art. 25 NIS2, and standardization often coincides with the legal requirements for standardization, which makes these concepts identical.

NIS2 also includes a provision that the risk management measures implemented and their cost should be proportional to the entity, without imposing excessive administrative and financial burdens on entities. To determine this, a risk analysis is used, which is based, among others, on: on the current state of knowledge regarding risk management measures and the cost of their implementation. Such a task will probably be assigned to people handling purchasing processes in the organization. The NIS2 directive also introduces the responsibility of company management for compliance with cybersecurity risk management measures.

Are you sure your company maintains cyber hygiene? If not, please contact us and click ” here “.

Can you stop a cybercriminal attack?

Unfortunately, we will not be able to stop cybercriminal attacks. However, if the entity takes the implementation of the NIS2 directive seriously, it will be possible to stop most attacks. If we apply cyber hygiene and apply the above-mentioned “arsenal” of selected security measures described in the ISO 27001 standard will minimize the risk of a successful attack to zero.

Why is it worth monitoring your IT environment? One of the requirements specified in Art. 21 of the NIS2 Directive is to ensure business continuity by anticipating, preventing and resolving problems in the cloud or across multiple clouds, from applications to infrastructure.

It used to be that an IT specialist could notice and respond to cyber intrusions by observing messages or images from monitoring systems. This approach worked well with a small number of cyberattacks and when using a few applications. Today this approach is not sufficient. In the case of our clients, the number of applications (business services) ranges from a dozen to several dozen. Each service has a minimum of 2 components (application and database). In addition, services (including components) have production and development versions (environments), and often also “PREPROD”, “TST” and others. These also include remote locations where these services must be present, or public cloud environments where these services are placed. The vast majority of these services communicate with each other and also communicate with external services and third-party vendor services. The number of operating systems on which these “applications” run ranges from several hundred to several thousand. In INDEVOPS alone , we have over 250 instances of operating systems, and in the development environment, automatic tests create and decommission several hundred systems a day.

Moreover, today’s cybercriminals are increasingly less likely to attack IT environments from outside. Attacks from inside the network turn out to be more effective because the first step to overcome is the user: “Good morning, Mr. Radosław, I’m calling you from the helpdesk, I need your e-mail password because I need to reset it,” or: “Good morning, I’m from helpdesk I came to replace a computer” (the example is used during an audit during which an accounting auditor connected his computer to the network and carried out an attack on an unsecured Microsoft SCCM server and gained control over the organization’s Active Direcotry).

The next steps of the attack use “traditional” technical methods that exploit vulnerabilities in the software (errors, obsolescence, incorrect configuration). It turns out that inside the organization, IT systems are no longer so strongly protected in terms of security. Interestingly, cyber intrusions are not revolutionary, e.g. stealing or blocking sensitive (business-valuable) data, using the attacked environment for another attack or using additional computing power.

To summarize, the answer to the question “is it worth monitoring?” is obvious. However, the thought comes to mind that this question should be changed to “how to monitor effectively”?

How to monitor the IT environment?

Given the number of systems or applications currently used in large IT environments, several monitoring tools are currently used. Each tool is dedicated to specific scopes of operation, e.g.: · scans computer networks for security vulnerabilities, unknown or outdated systems, · collects system and application logs, · tracks traces and metrics, · supports the vulnerability management process, where after identification the repair business process will be carried out, · monitors a given IT layer, e.g. applications, virtual environment, computer networks. Unfortunately, the use of many tools means that monitoring is treated as an island, without a unified view of the whole, and there are no connections between elements, different types of data or objects. This does not effectively prevent failures, although their detection works correctly. In the event of a failure, repair time is significantly extended and the repair process is time-consuming, not to mention the difficulty in determining the root cause of the problem.

It is necessary to use tools that can aggregate data from all sources and “look” at the environment from the user’s entry point to the place where the data the user uses is stored. However, the entire environment should be globally analyzed in terms of any anomalies occurring in it. For this purpose, “machine learning” engines can be used, operating on large sets of structured (metrics) and unstructured data (logs, events). ML engines can learn the behavior of the environment and respond to something that was not there before.

Today’s global monitoring is called Observability and allows you to observe systems, applications, network devices, user devices, on-premises and cloud resources. The goal is to capture everything and everywhere, both to see the user’s journey in every place of the IT stack and to show the view from the business side, e.g. how many orders does a given service (business application) complete per hour?

Observability can be implemented by one monolithic system, but may be the result of coupled operation of systems, e.g. a system that monitors itself can integrate with many domain systems (e.g. for application monitoring, data center monitoring, monitoring network devices of a given manufacturer, etc. .) and provide top-down visibility into the entire IT environment.

Example features of the Observability tool:

1. Observe complete IT stacks, from hardware to services, in on-premises data centers and public clouds.

  • the tool uses plug-ins to connect elements of the IT environment, which enables monitoring of any types of traditional and cloud IT elements, in particular it enables integration with domain systems, e.g. Data Center Infrastructure Management, Building Systems Management, Security Scanner, etc., and even other monitoring systems;
  • The plugin system is open and allows you to build plugins yourself, also using a no-code tool.

The INDEVOPS team itself created plug-ins for Cisco, Juniper, CheckPoint computer network devices and IBM and Broadcom (Brocade) data storage devices:

  • computer network switches and routers, Juniper;
  • computer network firewall, CheckPoint;
  • computer network switches and access points, Cisco;
  • disk arrays, IBM XIV;
  • SAN switches, Brocade (Broadcom).

2. Discovering connections and topologies in the IT environment:

  • the tool discovers the types of connected elements and their components, e.g. ports, instances, metrics and parameters, and also draws connections between elements and their components depending on their actual relationship, e.g. what virtual machine is the application on?, on what disk areas are they placed virtual machines?, what ports are on the network switch?, what disks are exposed from the disk array?, what databases are in the database engine instance?, what application instances constitute applications and on what systems are they running?
  • discovery is automatic, although it is possible to manually or semi-automatically build connections based on applied naming schemes or tags.

3. Insights into structured and unstructured data:

  • the tool has engines for structured and unstructured data that are adapted to a given type of data, and on the other hand, it enables the linking of structured and unstructured data of a given object for the purposes of uniform alerting,
  • Additionally, it automatically structures unstructured data to enable tracking in a way similar to metrics, and performs analyzes on them enabling automatic grouping into applications, detection of attack signatures or operational detection of irregularities.

4. A common view of the entire IT environment:

  • the tool provides one central system of views that can be assigned to selected recipients (also outside the organization) and adapted to your own needs by modifying or creating your own views from scratch, although it has predefined views for troubleshooting, capacity, performance, cost and optimization and energy consumption, including CO2 reduction (sustainability),
  • views provide standardized insight into relationships, metrics, predictions, parameters, alerts and symptoms of all monitored elements regardless of their type, as well as hooking up external elements for a unified user experience and redirecting to domain tools if deeper analysis is needed.

5. Resource optimization and planning for performance, capacity and costs:

  • based on the stored history, the tool builds behavioral trends and calculates automatic thresholds for each metric of each monitored object, which allows predicting behavior and introducing recommendations on various subsets defined in the tool (entire data centers, groups of systems, defined business applications, in terms of migration, transfer , increasing resources and recovering them in case of too low utilization, e.g. recovering unused RAM, searching for abandoned resources,
  • enables calculation of data center costs with definitions of own rates for hardware and software costs and comparison with public cloud costs in the case of load transfer (deeper analysis through integration with the CloudHealth tool).

6. Advanced alerting and reporting:

  • instead of alerting based on exceeded thresholds, the tool uses symptom-based alerting, in which an abnormality is indicated by one or more symptoms that constitute an alert (important: symptoms can occur without creating an alert), both of which have their own independent priorities and recommendations that operators can use to solve problems,
  • alerting uses automatic trends and thresholds, thanks to which it is possible to detect unexpected increases in load in one or more systems, which may indicate an attack or intrusion,
  • alerting has predefined report templates, with the ability to create individual reports from any selected elements, as well as export to PDF and XLSX and automatic sending by e-mail.

7. Monitoring business services and SLA:

  • the tool has universal metrics with percentage values ​​for each monitored element, which allows you to compare different types of elements (e.g. virtual machine and power supply) and build them into logical containers constituting sets of elements and representing components, in particular business services, enabling simple health monitoring and SLA of these components (services),
  • A special case is the ability to create views of recipients and service providers by building containers for different IT layers, different areas and locations.

8. Verification of monitored elements for security compliance:

  • built-in compliance policy mechanism for various types of monitored objects, integrated with the alerting and reporting mechanism, with default policies for checking compliance with regulations and policies for VMware vSphere, NSX-T, vSAN infrastructure and international CIS regulations, DISA, FISMA, HIPAA, ISO and PCI. The mechanism also allows you to create your own “Custom Compliance” standards for compliance monitoring.

Analyzing the security of the IT system, maintaining business continuity and assessing the effectiveness of already implemented measures becomes crucial for the implementation of NIS2. For this purpose, it is important, in accordance with the ISO19011 standard for auditing management systems, that the company has the appropriate amount of information which, after analysis, will become audit evidence. On their basis, the auditor will make audit findings, deciding on compliance or non-compliance with the standards in the NIS2 directive. System with the above set of features is able to support the entity in the business aspect of monitoring its IT environment, but will also provide information that will be useful in implementing and maintaining NIS2.

How does INDEVOPS support companies in implementing NIS2 requirements?

INDEVOPS  fulfills the described roles for an integrator in the supply chain and performs necessary tasks for an entity covered by the requirements of the NIS2 directive. The company was established in 2017 to specialize in monitoring and automation of the maintenance of IT infrastructure and services. It provides its services based on its own expert experience gained during several years of working with IT systems, using VMware Aria Operations software, on the example of which the features of the system enabling the implementation of the Observability idea were described, by equipping it with third-party extensions and proprietary plug-ins developed in cooperation with technological partners, extending the capabilities of the Aria Operations tool to monitor a complete set of IT infrastructure layers:

  • VMware Network Insight – application network security analysis along with mechanisms for detecting network anomalies through network flows (Netflow)
  • Flopsar – insight into applications, in line with the Application Performance Monitoring trend,
  • UptimeDC – monitoring data center elements (so-called Data Center Inventory Management),
  • Greenbone – so-called security scanning Security Scanner.

Additionally, INDEVOPS , by implementing other VMware solutions, can help you meet the new NIS2 security requirements. Below is a list of solutions:

  • VMware Carbon Black – a cloud-based endpoint protection platform that provides advanced threat detection and prevention, user and device behavior analysis, threat isolation and removal, and integration with other security systems,
  • VMware Workspace ONE/Inteligent/Mobile Threat Defense – a digital workplace management platform that enables you to securely deliver and manage any application on any device, wherever it is, using multi-factor authentication, conditional access and single sign-on.
  • VMware NSX Advanced Threat Prevention – a network virtualization and security platform that is a collection of analytical tools designed to defend against advanced threats that use known and unknown attack vectors. It enables full inspection of network traffic and detects and prevents known threats such as ransomware, malware, command-and-control communications, lateral traffic attempts and data theft. It uses artificial intelligence (AI) and machine learning (ML) to analyze advanced threats and quickly respond to them. It also offers comprehensive visibility of both north-south and east-west traffic, including an overview of abnormal behavior
  • VMware Cloud Disaster Recovery – a solution for quick and effective recovery from a failure or ransomware attack in the VMware cloud
How does INDEVOPS support companies in implementing NIS2 requirements?

Summary

In the implementation of the NIS2 directive, monitoring the IT infrastructure becomes necessary to verify compliance with its requirements. By providing up-to-date data on the state of IT systems, these technologies can help organizations meet the requirements of the directive and increase their overall level of cybersecurity. However, in today’s complex and extensive environments, a modern system implementing the idea of ​​Observability is able to significantly increase the level of observation by automatically detecting non-standard behaviors coming from many sources, using machine learning mechanisms. This allows us to optimize the environment, measure performance, costs and compliance with our policies, regardless of whether the data is processed in our data center or in a public cloud.

The role of INDEVOPS is to ensure the security of solutions delivered to entities that will be covered by the guidelines of the NIS2 directive, technical support ensuring business continuity, training of Customer Employees, as well as ensuring that the solutions delivered to the Customer, as well as the form of cooperation between the entity and the supplier, are consistent with regulations. INDEVOPS  supports its clients in performance optimization, capacity management, cost management, event management, compliance with guidelines and reporting on various system elements.

INDEVOPS is the only VMware  partner originating from Poland that has a service partnership (Master Services Competency) at the Principal level, as well as a cloud provider partnership (Cloud Services Provider) and a Technology Alliance – Standard software developer partnership. Within EMEA, we are the only subcontractor of DellEMC in Operations and Automation. Since 2017, we have been providing key solutions to clients, including renowned companies such as PKN Orlen, ING Tech, Poczta Polska, Inpost, Alior, PERN, PCSS, MBank, Polkomtel, Polpharma and many others.

INDEVOPS  has over 30 leading clients and hundreds of users using the solutions we provide. We cooperate with partners such as VMware, DellEMC, Bluemedora, NetFlow Logic and Greenbone, which guarantees the highest quality of our services.

Please contact us if you want more information, please click  HERE

 

Sources:

https://eur-lex.europa.eu/legal-content/PL/TXT/PDF/?uri=CELEX:32022L2555&qid=1697431135136 , p. 48, art. 21 (accessed on October 16, 2023)

https://www.vmware.com/  (accessed on October 17, 2023)

https://docs.vmware.com/en/VMware-Aria-Operations/index.html  (accessed on October 16, 2023)

https://www.vmware.com/products/aria-operations.html

The authors would like to thank Krzysztof Kowalski for source materials on the NIS2 directive and Ewa Szymczak for coordinating the work and the marketing campaign.