Más contenido relacionado La actualidad más candente (20) Similar a Software Defined Networking (SDN) with VMware NSX (20) Software Defined Networking (SDN) with VMware NSX1. Software Defined Networking (SDN)
with VMware NSX
Scott Hogg
Chief Technology Officer
Global Technology Resources, Inc.
©2016 Global Technology Resources, Inc., All Rights Reserved.
Contents herin contain confidential information not to be copiedFebruary 3, 2016
Hunter Hansen
Account Executive – West Region
Network & Security Business Unit
VMware
2. © 2016 GTRI
Agenda
SDN Introduction and Overview
Benefits and Drivers for SDN and Use Cases
Operational Considerations of SDN
VMWare NSX Review
GTRI’s SDN Solutions and Services
Summary
Questions and Answers
2
3. © 2016 GTRI
Benefits of Network Virtualization
and Software’s Influence
Servers have transformed from bare-metal to
virtualized OSs, and now applications are moving to
software containers (LXC, Docker, etc.).
Storage systems now have dynamic features like
automatic tiering, thin-provisioning, de-duplication,
backups and replication.
DevOps isn’t just a popular digital-age portmanteau,
its a movement of IT de-silo-ization that is making its
way into the data-networking realm.
Networking hasn’t changed substantially in 15 years
Unfortunately, most network devices are still manually configured
one at a time
Network Admins have only managed to moved from Telnet to SSH
3
# telnet 10.2.6.9 # ssh –l cisco 10.2.6.9
5. © 2016 GTRI
What is SDN?
Software-Defined Networking is an approach to
networking that separates the control plane from
the forwarding plane to support virtualization.
SDN is a new paradigm for network virtualization.
5
6. © 2016 GTRI
SDN High-Level Architecture
6
Controller
Network
Element
Network
Element
Network
Element
Network
Element
SDN Layer
Virtualized Application Services
Northbound API
Southbound API
Controller Layer
Data Plane Layer
Agent
Agent
Agent
Agent
Controller
East/West
Interface
7. © 2016 GTRI
SDN Benefits
Greater span of control and network analytics
and response.
Better intelligence with a global view of the
network rather than each network element
looking at the network from its own viewpoint.
Improved application experience and empower
the network owner/operator.
Rapid deployment of applications using
networking that supports the application’s
specific needs.
Simplified and automated IT administration.
Opportunity to open up the network and offer a
diverse set of vendors and disaggregation.
7
9. © 2016 GTRI
SDN Operational Model
Network and security administrators are sometimes
threatened by network programmability and software-
defined networking.
The truth is, your networking skills and knowledge is
transferable to a software-driven/defined world.
Operational issues can arise in the new SDDC
environment when groups don’t cooperate well.
Silos of IT operations don’t lend themselves to NFV
and SDN and virtual security policy enforcement.
The traditional physical demarcations and lines of
responsibility blur with SDN and NFV.
Cross-function and interdisciplinary DevOps teams are
needed to make SDN and NFV systems viable.
9
10. © 2016 GTRI
VMware SDN Solutions
VMware is a leader in virtualization
software and Software-Defined Data
Center (SDDC) solutions.
VMware acquired Nicira and their Network
Virtualization Platform (NVP)
This has now evolved into the VMware
NSX product which provides network
virtualization, disaster recovery, and
security.
10
11. © 2016 GTRI
It’s Time to Virtualize the WHOLE
Data Center
EFFICIENT SECURE
Optimized for rapid
development and delivery
of all applications, for safe
consumption on any device
The Software Defined
Data Center
AGILE
Network Virtualization is Key
13. © 2016 GTRI
Network, storage, compute
Virtualization layer
“Network hypervisor”
Virtual Data Centers
Network Virtualization
is at the core of an
SDDC approach
Non-Disrupting Deployment
14. © 2016 GTRI
The Power of Distributed Services
Switching
Routing
Firewalling/ACLs
Load Balancing
Network and security services now
distributed in the hypervisor
19. © 2016 GTRI
DR Today (simple view)
10.0.10/24 10.0.20/24
10.0.10.21 10.0.20.21 Major
RTO
Impact
Change IP Address
Reconfig Security4
Primary Site Recovery Site
Recover
the VM
3
Replicate
VM & Storage
2Physical Network Infrastructure Physical Network Infrastructure
SAN
1
Snapshot VM
SAN
Step 1&2
(e.g VMware SRM)
19
20. © 2016 GTRI
DR with NSX Network Virtualization
(simple view)
SAN SAN
10.0.30.21 10.0.30.21
Virtual Network
10.0.30/24
80%
RTO
Virtual Network
10.0.30/24
NSX Controller NSX Controller
Snapshot
Network &
Security
2b
Primary Site Recovery Site
1
Snapshot VM Network & Security
already exists
Recover
the VM
3
Physical Network Infrastructure Physical Network Infrastructure2a
Replicate
VM & Storage
10.0.10/24 10.0.20/24
Step 1&2
(e.g VMware SRM)
20
22. © 2016 GTRI
The Power of Distributed Network &
Security Services & Policies
23. © 2016 GTRI
Problem: Data Center Network
Security
Perimeter-centric network security has proven insufficient, and micro-segmentation is operationally infeasible
Little or no
lateral controls
inside perimeter
Internet Internet
Insufficient Operationally
Infeasible
24. © 2016 GTRI
How an SDDC approach makes
micro-segmentation feasible
24
Internet
Security Policy
Perimeter
Firewalls
Cloud
Management
Platform
25. © 2016 GTRI
Align type of controls to what you
are protecting
Isolation Explicit Allow Comm. Secure Communications
NGFW
IPS
IPS
NGFW
ServiceInsertion
Application A
Application B
App Tier
DB Tier (e.gTCP,1433)
No Communication Path
26. © 2016 GTRI
GTRI SDN Solutions
GTRI’s Virtualization and Advanced Networking
Professional Services (PS) practice has expertise
with SDN vendor solutions. Like VMware NSX.
GTRI has completed the Network Virtualization
VMware specialization.
GTRI offers an SDN readiness assessment service
to assess your organization, your applications,
and the benefits to your business gained from
using SDN.
VMware NSX provides near-term secure network
virtualization and network automation while
laying the foundation for an SDN future.
Let GTRI and VMware help your organization
embark on a path toward SDN.
26
27. © 2016 GTRI
Questions and Answers
Q&A Session
Next Steps
27
Scott Hogg SHogg@GTRI.com 303-949-4865 @scotthogg
Hunter Hansen HHansen@VMware.com 720-628-1189