Over the last couple of months, Sander, Anne Jan and I have been working on a security whitepaper that lays out a practical implementation of zero trust while interfacing with a help desk system, in this case OTRS.
It’s all about how engineers can get access to servers to perform maintenance once your environment is properly micro-segmented. The whitepaper covers the challenges that micro-segmentation creates for that access and how you can resolve them. Using OTRS as an example, it lays out how to configure a help desk system like OTRS to interface with NSX to gain network access to servers.
Pioneered by Geordy Korte, this way of opening up network access is effortless for the end-user (the engineer). Beyond the automation, it also makes sure there is a proper audit log in place, so you can see what happens in your environment.
Sander and Anne Jan also presented this idea at the Dutch VMUG, where it was received really well – thanks to the people who joined them.
Get the whitepaper “VMware NSX & OTRS – Automating Security with Help Desk Systems” here.
To make this integration between NSX and OTRS possible, we’ve created a middleware service called OTNSX. It is an open-source Python service that can be found on GitHub.
Let us know what you think and whether you’re thinking about implementing a similar solution!