© 2015 VMware Inc. All rights reserved.

Network Virtualization through VMware NSX : More than Just Software Defined Networking Yves Hertoghs Lead NSX Systems Engineer, EMEA yhertoghs@vmware.com

Software Defined Networking? Wasn’t that the SOLUTION ? •  TO WHAT problem ? Or “What

Flavor of SDN ?” – Forwarding Plane SDN ? – Control Plane SDN ? – Overlay Control Plane SDN !

•  Its not only about connectivity! What about Service Insertion/Chaining/Delivery ?? – Cross-vendor – Dynamic – Automated (aka Software

Defined) © Dave Meyer

Service ‘X’ Controller

Software Defined Done Wrong •  Vertical Integration of

Compute/Network/Storage Resources ; Vendor Specific

•  Only Automates Connectivity across the application or towards the Services in an application

•  Relies on higher layer Orchestration to set up Service Components ,Service Policies and Service Chaining

3

UBER Orchestrator or “Controller of Controllers”

Application

Hardware Defined DC Platform

Integrated x86

Integrated Storage

Vendor Specific Network

Ver

tical

Inte

grat

ion

Network Connectivity Controller

Service ‘A’ Controller

Service ‘B’ Controller

AP

I’s

Service A Appliances

Service B Appliances

AP

I’s

AP

I’s

Achieving Cross-Vendor, Dynamic, Automated Service Chaining through a new architectural approach

Virtual Machines

Virtual Networks

Virtual Storage

Location Independence

Compute Capacity

Network Capacity

Storage Capacity

Software-Defined Data Center

Applications

Data Center Virtualization

Intelligent, per VM Policies for : Forwarding (L2 or L3) Firewalling (L2-L4) Redirection to 3rd party Services

Network and Security Services Now in the Hypervisor

L2 Switching L3 Routing Firewalling (L2-L4) Load Balancing

The next-generation networking model : Perfect VM-VM Isolation , amazing per VM-context

Software

Hardware

Granular control becomes possible

Built-in Services

L2-L4 Firewall Data Security

Server Activity Monitoring VPN (IPSEC, SSL)

Third-party Services

Antivirus NG-Firewall

Vulnerability Management

Intrusion Prevention

Identity and Access Mgmt

…and more in progress

Security Policy Management

NSX

What is VMware NSX: It Virtualizes the Network

Logical Switching

Logical Routing

Load Balancing

Physical to Virtual

Firewalling & Security

VPN

Data Security

Activity Monitoring

One-Click Deployment via Cloud Management Platform

Management APIs, UI

VC Objects, Topology

Blueprints, Policies,

Groups, Tags

Control Plane

Flexible Service Chaining through the NSX Platform

8

1 2 3

Traditional Data Center NSX Data Center

§ Flexible service chain that adapts to changing conditions – more efficient use of services

§ Platform for integrating the leading security products: better security by sharing tags

§ Single Pane of Glass through NSX !

NSX enables dynamic actions to respond to changing security conditions

Static service chain Dynamic service chain

NSX as a Service Insertion Platform: Service Categories and Partners

NSX Partner Extensions

Security Services Physical-to-Virtual Services Operations and Visibility Application Delivery Services

Questions ?

CONFIDENTIAL 10