VMware 이호석 부장 Sr. Systems Engineer Networking and Security Business Unit

Showcase Super Session

Shutterfly: Life with VMware NSX—Year 3

Agenda

1 Session Introduction

2 Shutterfly Overview

3 NSX Deployment Overview

4 Micro-segmentation

5 NSX Load Balancer

6 vRA + NSX for Self Service IT

7 vRealize Network Insight

8 Summary and Q&A

2

Shutterfly, Inc

3

1999 2006 2013 2015

Founded in 1999, offered customers 4”x6” prints

Listed on NASDAQ as SFLY

Reached $1B in revenue

Launched SBS- Shutterfly Business Solutions

At Shutterfly, Inc., our vision is to make the world a better place by helping people share life's joy.

4

5

Shutterfly Business Solutions

Shutterfly Business Requirements

Problem Statement

On-Prem Data Center

PC: CloudTweaks.com

Requirements for SDDC Platform

Agile, Scalable and Reliable

Isolation for tenants

Hardware Abstraction

Self-Service IT portal

Compliance & Audit Support

8

NSX Deployment Overview

vSphere 6.0

vRealize Automation

6.3.x NSX 6.2.x vRNI 3.4

Shutterfly Private Cloud: Valhalla

Multi-tenant Infrastructure

Micro-segmentation NSX Load-Balancer

Alerts

Audit Compliance

Flow visibility & Micro-segmentation

planning

Valhalla: NSX Topology

11

Distributed logical router

Physical

Networks

Web LS App LS DB LS

Tenant 1

172.16.10.0/24 172.16.20.0/24 172.16.30.0/24

Web LS App LS DB LS

Tenant 2

172.17.10.0/24 172.17.20.0/24 172.17.30.0/24

Web LS App LS DB LS

Tenant 3

172.18.10.0/24 172.18.20.0/24 172.18.30.0/24

4 ESG’s in ECMP Mode Management

Cluster

56VM:1 Consolidation ratio

60% Improvement

Data Center Security

East-West micro-segmentation

SOC-2 Compliance, PCI

Automated Security Policy

Advanced FW Services and Context Isolation

Security

400% Increase in workload footprint

1600TB 30 day Data flow out of Valhalla

Number of Physical Firewalls added: 0

NSX Load Balancer

NSX Load Balancer

18

VM

VM VM

VM

DLR

One-Arm LB

Transit L.S.

Provider

NSX Edges

(HA or ECMP)

DLR

Web LS

App LS

DB LS

Web server maintenance

0 Downtime 300TB 30 day NSX LB flow data

Automated workload delivery – vRA+NSX

SFLY Self Service Portal

Choose VM OS

VM Size, Qty

Optional Hostname

Environment

Lease days

Valhalla Cloud: Self Service IT

Agile

Days to minutes

Stable

Consistent, repeatable

Secure

Define the security policy once

and reuse the same policy

21

Automating Production workloads is

directly tied to business revenue

Automating Production & Dev-Test

Automating Dev & Test can significantly

reduce application time to market

22

Admin

Converged Blueprint

Developer

Physical Infrastructure

Dev and Test workloads

• Agile Developer Cloud

• Minimal manual intervention

• Provision VM+ Services

• Consistent environment

• Secure

• Easy decommissioning

Production Workloads

• Business agility

• Proactive to business needs

• Security is not compromised

• Easy decommissioning

• Some manual intervention

External Users

3-5 Mins Deployment time

50-75 VM’s recycled weekly

Day 2 operations with vRNI

vRealize Network Insight (vRNI)

25

Visibility

Micro -Segmentation

planning

Audit Support Pro-active Alerts

Monitoring & Troubleshooting

• Visibility into flows • Micro-segmentation planning • Audit Support • Pro-active alerts • Monitoring and Troubleshooting

Then and now..

28

Business Agility > 1 week 3-5 minutes

Security Perimeter Firewall, no E-W

segmentation

E-W with automated policy

provisioning

Elasticity/Scalability Manual effort Elastic – minutes to scale up

Availability SLA challenge SLAs easily achieved

Automation

capabilities

None Automated provisioning with

security policy

Operations High resolution times Unified Management

Summary

• Entering Year 3 of production with NSX • Agile, Scalable, Reliable network • Single pane of glass management • Simplified underlay network

"Some people are always trying to ice-skate uphill"