This is a term that I’ve been throwing around for a while now so I thought I’d take the time to define it for everyone.
Virtualized Network Security Management (vNSM) The extension of existing Network Security Management (NSM) policies and procedures to include “virtualized” deployments. This includes, but is not limited to, the collection, correlation, and normalization of:
network flows (e.g. NetFlow) generated by “virtualized” network components
expected, anomalous, or malicious network communications to/from/between “virtualized” hosts (e.g. web server communicating with “virtualized” database, “virtualized” workstation retrieving file from “virtualized” FTP server, etc.)
logs generated from the operation of the host virtualization platform
I may expand on, or refine, this definition in the future but I wanted to make sure I had my ideas down on “paper” before I lost them.