vmworld 2013: datacenter transformation with network virtualization: today and tomorrow
DESCRIPTION
VMworld 2013 Allwyn Sequeira, VMware Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshareTRANSCRIPT
![Page 1: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/1.jpg)
Datacenter Transformation with Network
Virtualization: Today and Tomorrow
Allwyn Sequeira, VMware
SEC5828
#SEC5828
![Page 2: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/2.jpg)
2
Agenda
Network & Security Virtualization – The Industry Context
The Problem Statement – Various Perspectives
• Application, CMP perspective
• VI admin / cloud operator perspective
VMware NSX Platform
VMware NSX Architecture
VMware NSX Use cases
![Page 3: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/3.jpg)
3
Enterprise
Data Center
Networking
The Industry Context - Three Major Forces in Networking
- Separation of control, OpenFlow
- X86 programmability
- Centralized management
Research, GOOG, Telco, Nicira
- Interconnect heterogeneous
compute/storage pools
- COTS hybrid server/switch
- L3 to the rack, scale out PODs
AMZN, RAX, FB, Ebay, Nicira
- SDDC: beyond servers
- Net / sec virtualization
- Fast / flat / fat fabrics, UCS
VMW, CSCO, …
N + V = NV leadership!
![Page 4: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/4.jpg)
4
Network Virtualization = SDN+
L2
L3 Virtual
Networks
L2
All the properties of SDN
• Separation of control, forwarding
• Software innovation
• Time to market
• Service extensibility
With the benefits of virtualization
• Agility, efficiency, mobility
• Non-disruptive deployment
• Decoupled from physical
• Hardware independence
Distributed
Forwarding
Manual
Configuration
Network virtualization will leverage the network fabric / SDN controller shift
![Page 5: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/5.jpg)
5
Agenda
Network Virtualization – The Industry Context
The Problem Statement – Various Perspectives
• Application, CMP perspective
• VI admin / cloud operator perspective
VMware NSX Platform
VMware NSX Architecture
VMware NSX Use cases
![Page 6: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/6.jpg)
6
Enterprise Data Center Security & Networking Today
vSphere
Users
Sites
Backend
Services
- VLANs, ACLs, Firewalls, IDS/IPS, monitoring
- Server A/V Agents, guest security
- App | data | identity aware security, compliance
- DMZ firewall, NAT, DDI
- Site and user VPNs
- Web load balancers, WAF
- Desktop A/V Agents
- DLP, FIM, white listing
DMZ
Web
View
Way too complicated, fragmented, manual! OUCH
![Page 7: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/7.jpg)
7
SDDC & NSX – Enabling App-Cloud
APP
CLOUD
VIRTUAL
PHYSICAL
HYPERVISOR HYPERVISOR HYPERVISOR
SDDC = A better way to build clouds
NSX = Solves SDDC networking & security
![Page 8: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/8.jpg)
8
What Applications and Cloud Consumers Want…
Bridge Physical
L2
L3
Firewall
WAN
Internet
Edge
Apps should be completely un-aware of the underlying infrastructure
That is someone else’s problem i.e. OUR problem
![Page 9: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/9.jpg)
9
NSX: Closing the Gap Between Provider and Consumer
NSX
L2
CMP
Bridge
Physical
WAN
Internet
Edge L3
Firewall
Any Physical Infrastructure
Compute, Storage & Network Hardware Independent
![Page 10: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/10.jpg)
10
On any network On any network
The NSX Requirements
INTERNET
WAN
On ramp, off ramp
& edge services
ESX, KVM, Xen
Non-vSphere
compute clusters
vSphere
vSphere (incl vCenter)
compute clusters
NSX needs to deliver:
L2-L3 Network Services
L4-L7 Network Services
On demand, at scale
Operators Partners
Common model for
provider provisioning,
fault, perf, stats, logs
Common model for
partner service insertion
LAN
Physical
vCloud Suites Open Stack
Consumers
Common consumption
Model for CMPs, apps
![Page 11: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/11.jpg)
11
Agenda
Network Virtualization – The Industry Context
The Problem Statement – Various Perspectives
• Application, CMP perspective
• VI admin / cloud operator perspective
VMware NSX Platform
VMware NSX Architecture
VMware NSX Use cases
![Page 12: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/12.jpg)
12
VMware NSX – Networking & Security Capabilities
Any Application
(without modification)
Virtual Networks
VMware NSX Network Virtualization Platform
Logical L2
Any Network Hardware
Any Cloud Management Platform
Logical
Firewall
Logical
Load Balancer
Logical L3
Logical
VPN
Any Hypervisor
Logical Switching– Layer 2 over Layer 3, decoupled from the physical network
Logical Routing– Routing between virtual networks without exiting the software container
Logical Firewall – Distributed Firewall, Kernel Integrated, High Performance
Logical Load Balancer – Application Load Balancing in software
Logical VPN – Site-to-Site & Remote Access VPN in software
NSX API – RESTful API for integration into any Cloud Management Platform
Partner Eco-System
![Page 13: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/13.jpg)
13
Server Virtualization Cloud Infrastructure vCloud
vCloud
VMware’s Network & Security Virtualization Journey
vSwitch
Host 1 Host 2
vSwitch vSwitch vSwitch
Host Y Host Z
Abstract: vSwitch started the network virtualization journey
Pool: NSX Switch with distributed routing & overlays extend diameter
Burst: NSX Edge provides on/off ramp to/from data center
Secure: NSX Firewall is the basis for security virtualization
Automate: NSX Manager, APIs and CMP plugins provide integration
NSX Switch NSX Switch
Overlay
NSX Edge
NSX Firewall
![Page 14: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/14.jpg)
14
Agenda
Network Virtualization – The Industry Context
The Problem Statement – Various Perspectives
• Application, CMP perspective
• VI admin / cloud operator perspective
VMware NSX Platform
VMware NSX Architecture
VMware NSX Use cases
![Page 15: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/15.jpg)
15
VCNS
vSphere
vCloud Suites
Hardware and Location Independent
VMware: The Two Leading Network Virtualization Stacks
VMware Open stack
KVM, Xen
NVP
Open stack
NSX
![Page 16: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/16.jpg)
16
Network & Security Virtualization – The Journey
1. Abstract
Physical
Virtual
Abstract network &
security functions
3. Automate
Cloud
Operations
Network/Security
Operations
Realize operational
benefits of virtualization
2. Pool
Distribute and allocate
to apps, on demand
Virtual
Physical
![Page 17: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/17.jpg)
17
NSX Architecture and Design Pattern D
ATA
C
ON
TR
OL
MG
MT
CMP
CL
OU
D
PH
YS
ICA
L
VIR
TU
AL
OVERLAYS
Hypervisor
vSwitch
Hypervisor
NSX Switch
NSX Manager NSX Manager NSX Manager
NSX API
CMPs & apps consume logical services
The REST API abstracts underlying services
The Manager cluster maps services to controllers
Controller cluster: Manager + agents
Integrated switching, routing, firewalls in hypervisor
Overlays de-couple from physical
Physical: IP connectivity is the only requirement
![Page 18: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/18.jpg)
18
L2-L
3
L4-L
7
Contr
ol
Mgm
t
Product Delivery Summary
VMW CMP Open Stack CLO
UD
P
HY
SIC
AL
VIR
TU
AL
Operations Partners
INTERNET
WAN
LAN
Physical
NSX Edge
Edge
Services
Router
ToR / OVSDB
NSX Controller Cluster
NSX Manager NSX Manager NSX Manager
NSX API
vCAC, Neutron Plugins
Consumption
ESX, KVM, Xen vSphere
NSX Firewall
DFW
NSX Switch
VDR
VDS
NSX Switch
OVS
![Page 19: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/19.jpg)
19
Introducing NSX Partner Brocade
![Page 20: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/20.jpg)
20
Brocade VCS Gateway for NSX — Centralized
© 2013 Brocade Communications
Systems, Inc. Proprietary Information
Easy initial deployment model—no rip and replace
Brocade VDX 6740 Fixed Switch with VCS Fabric Technology
• ASIC support for leading VTEP performance
• Simplicity and resiliency via logical gateway with redundant switches
VMware NSX Controller
LEAF LEAF
Spine
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
SLB
FW
LEAF LEAF LEAF LEAF LEAF LEAF
Spine
Brocade VDX Brocade VDX
Non-VXLAN VXLAN
![Page 21: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/21.jpg)
21
Brocade VCS Gateway for NSX — Distributed
VXLAN gateway a feature of every ToR Brocade VDX 6740 switch
Maximum flexibility for placement of virtual and physical endpoints
Single point of management via VMware NSX integration and Brocade VCS Logical Chassis
Brocade
VDX
Brocade VDX
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
Non-VXLAN VXLAN
VMware NSX Controller
Brocade
VDX
Brocade VDX Brocade VDX
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
Brocade VDX
© 2013 Brocade Communications
Systems, Inc. Proprietary Information
![Page 22: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/22.jpg)
22
Security Virtualization –
The Next Frontier
![Page 23: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/23.jpg)
23
Security Virtualization with NSX Firewall & Edge
Apps / DB Tier DMZ
Users
Sites
Web Servers
• NSX Firewall: Virtualize internal firewalls & endpoint security into the hypervisor
• NSX Edge: Virtualize perimeter networking & security services (per VDC or vApp)
![Page 24: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/24.jpg)
24
Network & Security Virtualization: The App Perspective
App
Owner
Virtualization
Operations
Physical
Infrastructure
![Page 25: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/25.jpg)
25
NSX API and Manager Cluster in Action
![Page 26: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/26.jpg)
26
Agenda
Network Virtualization – The Industry Context
The Problem Statement – Various Perspectives
• Application, CMP perspective
• VI admin / cloud operator perspective
VMware NSX Platform
VMware NSX Architecture
VMware NSX Use cases
![Page 27: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/27.jpg)
27
VMware NSX – Network Virtualization
VMware NSX Transforms the Operational Model of the Network
• Network provisioning time reduced from days to minutes
Reduce network provisioning time from
days to seconds
Cost Savings
• Reduce opex by 80%
• Increase compute asset utilization upto 90%
• Reduce capex by 40-50%
Operational Automation
Simplified IP hardware
Choice
• Hypervisor: vSphere, KVM
• CMP: vCAC, Openstack
• Any Network Hardware
• Partner Ecosystem
Any hypervisor
Any CMP with Partner
![Page 28: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/28.jpg)
28
Looking Forward: Interconnected SDDCs
• Any service, anywhere, any scale,
on any hardware
• Full API for implementing auto-scale
distributed services
• Leverage the power of virtualization
for next generation network services
Data Center
Data Center
Data Center
Logical Networks & Services
Consistent across multiple data centers
![Page 29: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/29.jpg)
29
In Summary, NSX …
Transforms Networking and Security in the Software-
defined Data Center
Virtualizes networking and security to create efficient,
agile and extensible constructs
Increases operational efficiency and improves utilization
Simplifies operations and enables IT agility to drive business agility and protect business critical applications
Delivers the most extensible platform and broadest set of
ecosystem partners
START YOUR NETWORK & SECURITY VIRTUALIZATION JOURNEY TODAY!
![Page 30: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/30.jpg)
30
Other VMware Activities Related to This Session
HOL:
HOL-SDC-1302
vSphere Distributed Switch from A to Z
HOL-SDC-1303
VMware NSX Network Virtualization Platform
SEC5828
![Page 31: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/31.jpg)
THANK YOU
![Page 32: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/32.jpg)
![Page 33: VMworld 2013: Datacenter Transformation with Network Virtualization: Today and Tomorrow](https://reader033.vdocuments.us/reader033/viewer/2022052903/5578aafad8b42a4d4b8b4a17/html5/thumbnails/33.jpg)
Datacenter Transformation with Network
Virtualization: Today and Tomorrow
allwyn sequeira, VMware
SEC5828
#SEC5828