Rory Peacock is the Deputy Executive Director of Technology at Education Service Center Region 11, where he oversees all technology services provided to Region 11 schools.
Region 11 is one of 20 education service centers throughout the State of Texas. In Texas, an education service center manages education programs, delivers technical assistance, and provides professional development to schools within its region. With regards to technology, education service centers assist their schools with hosted services and technical support.
Education Service Center Region 11 serves 70,699 educators and almost 600,000 students across 10 urban and rural counties.
Region 11 is a long-time VMware customer, introducing VMware vSphere in 2009. Since then, Region 11 has virtualized over 95% of their server environment. They’ve also made the move to virtual desktops utilizing VMware Horizon to support their 200 employees.
On the very day in 2016 that a meeting was set with the VMware NSX Data Center team to demo the product, Region 11 was hit with a zero-day attack of ransomware. A legacy system was hit in its demilitarized zone (DMZ) even though it was patched to the published requirements and recommendations. The malware began working within the DMZ, moving laterally from workload to workload to take down a significant portion of services. After a costly recovery that took several days, Rory and his team knew they had to act to implement a stronger security solution, and they had to act fast.
Intrinsic Security with NSX Data Center
Region 11 deployed NSX Data Center in their environment in order to prevent and mitigate damage from potential future attacks. With NSX Data Center security policies are enforced at the individual workload level, preventing the lateral spread of an attack between and within applications. Using these micro-segments, Region 11 has substantially minimized east-west traffic within their DMZ, therefore shrinking their attack surface.
Implementing NSX Data Center has not only improved the security posture at Region 11 though. It has also given the team the ability to work more closely together through the centralized management and visibility into the network. The VI admin has direct visibility into the network engineer’s actions without needing to understand command-line processes and procedures. Responsibilities are being shared and cross-training is taking place, with the team working together to make crucial access decisions. According to Rory, “It [NSX Data Center] has truly opened a lot of doors that have never been open before.”