Upload
hatu
View
229
Download
2
Embed Size (px)
Citation preview
© 2015 VMware Inc. All rights reserved.
Network Virtualization through VMware NSX : More than Just Software Defined Networking Yves Hertoghs Lead NSX Systems Engineer, EMEA [email protected]
Software Defined Networking? Wasn’t that the SOLUTION ? • TO WHAT problem ? Or “What
Flavor of SDN ?” – Forwarding Plane SDN ? – Control Plane SDN ? – Overlay Control Plane SDN !
• Its not only about connectivity! What about Service Insertion/Chaining/Delivery ?? – Cross-vendor – Dynamic – Automated (aka Software
Defined) © Dave Meyer
Service ‘X’ Controller
Software Defined Done Wrong • Vertical Integration of
Compute/Network/Storage Resources ; Vendor Specific
• Only Automates Connectivity across the application or towards the Services in an application
• Relies on higher layer Orchestration to set up Service Components ,Service Policies and Service Chaining
3
UBER Orchestrator or “Controller of Controllers”
Application
Hardware Defined DC Platform
Integrated x86
Integrated Storage
Vendor Specific Network
Ver
tical
Inte
grat
ion
Network Connectivity Controller
Service ‘A’ Controller
Service ‘B’ Controller
AP
I’s
Service A Appliances
Service B Appliances
AP
I’s
AP
I’s
Achieving Cross-Vendor, Dynamic, Automated Service Chaining through a new architectural approach
Virtual Machines
Virtual Networks
Virtual Storage
Location Independence
Compute Capacity
Network Capacity
Storage Capacity
Software-Defined Data Center
Applications
Data Center Virtualization
Intelligent, per VM Policies for : Forwarding (L2 or L3) Firewalling (L2-L4) Redirection to 3rd party Services
Network and Security Services Now in the Hypervisor
L2 Switching L3 Routing Firewalling (L2-L4) Load Balancing
The next-generation networking model : Perfect VM-VM Isolation , amazing per VM-context
Software
Hardware
Granular control becomes possible
Built-in Services
L2-L4 Firewall Data Security
Server Activity Monitoring VPN (IPSEC, SSL)
Third-party Services
Antivirus NG-Firewall
Vulnerability Management
Intrusion Prevention
Identity and Access Mgmt
…and more in progress
Security Policy Management
NSX
What is VMware NSX: It Virtualizes the Network
Logical Switching
Logical Routing
Load Balancing
Physical to Virtual
Firewalling & Security
VPN
Data Security
Activity Monitoring
One-Click Deployment via Cloud Management Platform
Management APIs, UI
VC Objects, Topology
Blueprints, Policies,
Groups, Tags
Control Plane
Flexible Service Chaining through the NSX Platform
8
1 2 3
Traditional Data Center NSX Data Center
§ Flexible service chain that adapts to changing conditions – more efficient use of services
§ Platform for integrating the leading security products: better security by sharing tags
§ Single Pane of Glass through NSX !
NSX enables dynamic actions to respond to changing security conditions
Static service chain Dynamic service chain
NSX as a Service Insertion Platform: Service Categories and Partners
NSX Partner Extensions
Security Services Physical-to-Virtual Services Operations and Visibility Application Delivery Services