Upload
scott-lowe
View
383
Download
2
Embed Size (px)
Citation preview
© 2014 VMware Inc. All rights reserved.
The Vision for the Future of Network Virtualization with VMware NSX
Scott Lowe Engineering Architect NSBU, VMware, Inc.
Agenda
• Who is this guy? • Network virtualization with VMware NSX: the story so far • Where do we go from here? • Questions and answers
Who is this guy?
• Husband, father, Jeeper, geek • Engineering Architect in VMware’s Network & Security Business Unit (NSBU) • Author (7 books so far, 8th book in the works) • Blogger (11 years at http://blog.scottlowe.org) • Speaker (VMworld, Interop, OpenStack meetups, VMUG events worldwide) • Podcaster (The Full Stack Journey podcast) • Jack of all trades, master of none
3
NSX customer and business momentum
Organizations have spent over US$1M on NSX
100+
NSX Customers 1400+
production deployments (adding 50-90 per quarter)
340+
Virtual Machines
Physical Network Infrastructure
Internet
Network virtualization with VMware NSX today
Virtual machines
Physical network infrastructure
Internet
Virtual infrastructure
Application demands • Many different applications • Different compliance and security needs • Frequent change
Hardware complexity • Multiple vendors • Different architectures • Multiple locations
NSX network virtualization • Speed and automation • Agility • Security and policy
Major NSX use cases
Intra-Datacenter Micro-Segmentation DMZ Anywhere Secure User Environments
Security
IT Automating IT Developer Clouds Multi-tenant Infrastructure
Agility
Disaster Recovery Metro Pooling Hybrid Cloud Networking
Application Continuity
Overlay-to-VLAN gateway functionality • Overlays allow NSX to decouple logical networks from the physical network • The overlay-to-VLAN gateway allows communication between logical and physical networks
Physical Network, VLAN-backed segments
VM
NSX Logical Network, VXLAN/STT/Geneve tunnels
VXLAN ßà VLAN gateway
Physical Workload
Overlay-to-VLAN gateway form factors
VXLAN/STT/ Geneve
VLAN
x86-based bridge
Physical Workloads
VXLAN VLAN
Physical Workloads
Leverages x86 server
Highest density and throughput with partner HW
HW VTEP
Why distributed network services?
14
Scale out of network services
Apply services at the vNIC for very granular control
Unprecedented visibility
NSX vSwitch
Tech preview: Distributed load balancing
15
Web Tier
App Servers
Database
Load Balancer
Load Balancer
Physical View Logical View
NSX vSwitch
Container networking today
17
Inte
rnal
App
Inte
rnal
App
Web
site
Web
site
Web
site
Web
site
Internet
Dat
abas
e
Port 80
Internal network
Tech preview: Containers with VMware NSX
18
Web
site
Web
site
Web
site
Web
site
Internet Internal network
Physical network infrastructure
Inte
rnal
App
Inte
rnal
App
Dat
abas
e
Dat
a ce
nter
HONEY POT
VULNERABILITY SCANNER
Micro- segmentation Alert Connection
to data center
NSX provides segmentation, visibility, and integration
Micro- segmentation Alert Connection
to data center
Benefits of NSX and containers
19
Micro- segmentation Alert Connection
to data center
• Micro-segmentation to establish clear boundaries
• Stop compromises at container or application level
• Central visibility into connectivity across the data center
• Per-flow tracking • Alerts for suspicious
behavior • Virtual taps at a per-
container level
• Integration with the rest of your IT infrastructure
• Monitoring, incident response, forensics
• Access to databases, backup, system updates
Lock-in through services
Storage service
Load balancing
service
Firewall service
Storage service
Load balancing
service
Firewall service
Storage service
Load balancing
service
Firewall service
Cloud: just new silos?
Storage service
Load balancing
service
Firewall service
Storage service
Load balancing
service
Firewall service
Storage service
Load balancing
service
Firewall service
NSX
Tech preview: VMware NSX on public clouds
Storage service
Load balancing
service
Firewall service
Storage service
Load balancing
service
Firewall service
Storage service
Load balancing
service
Firewall service
NSX tomorrow: virtual networking for all platforms
26
Speed Provision connectivity for any endpoint across different domains.
Agility Automate provisioning via templates and rich APIs.
Security Consistent security posture and visibility across all types of endpoints.
On-premises data centers
Third-generation apps
Public clouds
Virtual desktops
Mobile devices
Hyper-V
Some additional resources • Watch Bruce Davie’s VMworld US 2015 session NET4989, “The Future of Network
Virtualization with VMware NSX”
• Watch Guido Appenzeller’s VMworld US 2015 spotlight session, “The Next Horizon for Cloud Networking” (video recording available on YouTube at http://www.youtube.com/watch?v=RBJ-KoAM-OQ)
• Tons more VMware NSX content available from VMworld—VMUG Advantage members have access to all this content!
• Learn more about VMware NSX using the VMware Hands-On Labs at http://hol.vmware.com
27
Speaking of VMworld…
• Bring your spouse/partner/family/friend with you to VMworld in Las Vegas
• Activities planned throughout the entire conference
• Win prizes, make friends, and have fun • Will also be available in Barcelona for
VMworld EMEA • http://spousetivities.com/
28
Thank You! Scott Lowe [email protected] Twitter: @scott_lowe Blog: http://blog.scottlowe.org GitHub: https://github.com/lowescott Life: Colossians 3:17