Síťová virtualizace s VMware
•Descargar como PPSX, PDF•
0 recomendaciones•571 vistas
Tomáš Michaeli, VMware Juniper Day, Praha, 13.5.2015 Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf (kliknutím na tlačitko v dolní liště snímků).
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (19)
Similar a Síťová virtualizace s VMware
Similar a Síťová virtualizace s VMware (20)
Más de MarketingArrowECS_CZ
Más de MarketingArrowECS_CZ (20)
Último
Último (20)
Síťová virtualizace s VMware
- 1. © 2015 VMware Inc. All rights reserved. Síťová virtualizace s VMware NSX Intro / May 2015 Tomas Michaeli, Senior SE VMware, tmichaeli@vmware.com
- 2. Cíle nových datových center 2 • Obchodní požadavky nedefinuje IT ale obchodník a zákazník • Konkurenceschopnost Opex / Capex • Agilita a jednoduchost • Bezpečnost • Flexibilita • Škálování
- 3. The next generation networking model Network & Security Services Now in the Hypervisor L2 Switching L3 Routing Firewalling/ACLs Load Balancing Software Hardware Applications Virtual Machines Virtual Networks Virtual Storage Data Center Virtualization Location Independence Compute Capacity Network Capacity Storage Capacity Software Defined Data Center
- 5. Micro-segmentation simplifies network security Each VM inside own perimeter Policies align with logical groups Prevents threats from spreading VM Data Compliance – PCI, HIPPA Security Tagging concept Firewall automation App DMZ Services DB Perimeter firewall AD NTP DHCP DNS CERT Inside firewall Finance EngineeringHR 5
- 6. There is a BIG difference… 6
- 7. NSX for vSphere Deployment Use Cases Self-Service IT Dev X Dev A Test X Acquisition A DevOps Cloud On-boarding M&A Usecases Data Center Automation Micro-segmentation of App Simplifying Compute Silos DMZ Deployments Migration Usecases Public Clouds XaaS Clouds Migration Usecases
- 8. ON-PREMISES VIRTUAL MACHINE VIRTUAL MACHINE VIRTUAL MACHINE vCLOUD AIR Production Network (192.168.50.0/24) NSX EDGE GATEWAYNSX EDGE GATEWAY INTERNET App 1 Firewall Container Corporate Network (192.168.50.0/24) Firewall Container INTERNET To vCloud Air To On-Premises NSX and vCloud Air Deployment Use Case
- 9. NSX – The Network Virtualization Platform 9 Consumption How an end user consumes NSX services via a Cloud Management Platform. The operator interacts with the system through UI or API. Services NSX logical services and 3rd party extensions for networking and security (ex. Logical switch , Logical router, Firewall, Load Balancer, VPN, DDI) DataPlane Provides workload connectivity & services processing (ex. hypervisors, physical switches and appliances) Operations Partner Integration NSX operator uses tools (built-in and 3rd party) for troubleshooting, visibility Management, Control & Data plane integration of 3rd party services DataPlane XenServerNSX Edge Hyper-VvSphere KVM3rd Party GW ServicesServices L2 Switch Firewall Load BalancerL3 Router VPN DDI Operations Partner Integration Software partner extensions Hardware partner extensions Partner extensions vCOPs Consumption Any
- 10. NSX | The Strategic Platform for the Next-Gen DC CONFIDENTIAL 10 Micro- Segmentation Security Disaster Recovery IT Automation Developer Cloud Data Center Migration /Refresh Iaas NSX Distributed firewalling makes network security inside data center perimeter operationally feasible Reduce RTO by 80% Reduce infrastructure provisioning time from weeks to minutes Self Service Cloud (vRealize Automation or Openstack SDDC) Live migrate workloads to new data center without changing IP addresses. Best price / performance choice for new network hardware Provision or repurpose generic physical capacity on demand
- 11. Demo Time CONFIDENTIAL 11 Prod_Logical_Switch .11 .12 ICMP App-Tier-01 DB-Tier-01
- 12. Thank you Frantisek Ferencik, Systems Engineer fferencik@vmware.com CONFIDENTIAL12
Notas del editor
- So, What exactly is a “virtual network”? A virtual network is a software container that delivers network services that connected workloads expect from a network. Click – Logical switching, layer 2 connectivity which may be between two VMs on the same hypervisor and host, never leaving the hypervisor or between two VMs which are on two different sides of the data center across multiple L3 subnets and availability zones. Click – Logical Routing, Layer 3 connectivity which may be between two VMs on the same hypervisor and host, but in different IP subnets and on different logical switches, without leaving the hypervisor to use a physical router or between two VMs which are on two different sides of the data center, again, without ever leaving the virtual network construct. Click – Logical load balancers, and Click –Logical Firewalls…all in software, all isolated from any other virtual network and from the underlying physical network. click
- Faithful reproduction of L2 – L7 network & security services Services design for scale-out Central API for provisioning & monitoring All NSX components designed with resiliency Extensive 3rd party ecosystem for NSX platform
- NSX in vCloud Air and on-premises you can take your existing application and move it to vCloud Air or back without changing the firewall rules or network.
- In order to understand our product direction it is important to share how we think about the functional elements of our platform first The Data Plane provides workload connectivity & services processing (ex. hypervisors, switches and appliances) Services refer to logical Network Services offered by NSX or extended by third party engines (ex. Logical switching, Logical routing, Firewalling, Load Balancing, VPN, DDI) Partner Integration is complete orchestration of MGMT, Control & Data plane integration of 3rd party services Operations is about tools used by NSX operator for troubleshooting and visibility And Consumption is how an end user consumes NSX services through a CMS or an NSX The operator interacting with the system through UI or API