The Vision for the Future of Network Virtualization with VMware NSX

Transcript

1. © 2014 VMware Inc. All rights reserved. The Vision for

   the Future of Network Virtualization with VMware NSX Scott Lowe

2. Agenda •  Who is this guy? •  Network virtualization with

   VMware NSX: the story so far •  Where do we go from here? •  Questions and answers

3. Who is this guy? •  Engineering Architect in VMware’s Network

   & Security Business Unit (NSBU) •  Author (7 books so far) •  Blogger (10 years at http://blog.scottlowe.org) •  Speaker (VMworld, Interop, VMUG events worldwide) •  All-around geek 3

4. Network virtualization with VMware NSX The story so far

5. NSX customer and business momentum organizations have invested $1M+ in

   NSX 65+ NSX Customers 700+ production deployments (adding 25-50 per quarter) 100+

6. Networking is a software industry

7. NSX in open source environments organizations contributing to Open vSwitch

   60 of NSX production deployments use OpenStack 20% KVM VMs in a single NSX deployment 100k+

8. Virtual Machines Physical Network Infrastructure Internet Network virtualization with VMware

   NSX today Virtual machines Physical network infrastructure Internet Virtual infrastructure Application demands •  Many different applications •  Different compliance and security needs •  Frequent change Hardware complexity •  Multiple vendors •  Different architectures •  Multiple locations NSX network virtualization •  Speed and automation •  Agility •  Security and policy

9. Major NSX use cases Intra-Datacenter Micro-Segmentation DMZ Anywhere Secure User

   Environments Security IT Automating IT Developer Clouds Multi-tenant Infrastructure Agility Disaster Recovery Metro Pooling Hybrid Cloud Networking Application Continuity

10. Where do we go from here?

11. Physical networks and bare- metal workloads

12. Overlay-to-VLAN gateway functionality •  Overlays allow NSX to decouple logical

    networks from the physical network •  The overlay-to-VLAN gateway allows communication between logical and physical networks Physical Network, VLAN-backed segments VM NSX Logical Network, VXLAN/STT/Geneve tunnels VXLAN ßà VLAN gateway Physical Workload

13. Overlay-to-VLAN gateway form factors VXLAN/STT/ Geneve VLAN x86-based bridge Physical

    Workloads VXLAN VLAN Physical Workloads Leverages x86 server Highest density and throughput with partner HW HW VTEP

14. Distributed network services

15. Why distributed network services? 15 Scale out of network services

    Apply services at the vNIC for very granular control Unprecedented visibility

16. NSX vswitch Tech preview: Distributed load balancing 16 Web Tier

    App Servers Database Load Balancer Load Balancer Physical View Logical View NSX vswitch

17. Containers

18. Container networking today 18 Internal App Internal App Website Website

    Website Website Internet Database Port 80 Internal network

19. Tech preview: Containers with VMware NSX 19 Website Website Website

    Website Internet Internal network Physical network infrastructure Internal App Internal App Database Data center HONEY POT VULNERABILITY SCANNER Micro- segmentation Alert Connection to data center NSX provides segmentation, visibility, and integration

20. Micro- segmentation Alert Connection to data center Benefits of NSX

    and containers 20 Micro- segmentation Alert Connection to data center •  Micro-segmentation to establish clear boundaries •  Stop compromises at container or application level •  Central visibility into connectivity across the data center •  Per-flow tracking •  Alerts for suspicious behavior •  Virtual taps at a per- container level •  Integration with the rest of your IT infrastructure •  Monitoring, incident response, forensics •  Access to databases, backup, system updates

21. Public clouds

22. Power of cloud: workload mobility

23. Lock-in through services Storage service Load balancing service Firewall service

    Storage service Load balancing service Firewall service Storage service Load balancing service Firewall service

24. Cloud: just new silos? Storage service Load balancing service Firewall

    service Storage service Load balancing service Firewall service Storage service Load balancing service Firewall service

25. NSX Tech preview: VMware NSX on public clouds Storage service

    Load balancing service Firewall service Storage service Load balancing service Firewall service Storage service Load balancing service Firewall service

26. NSX tomorrow: virtual networking for all platforms Physical network Hyper-­‐V

    Virtual infrastructure

27. NSX tomorrow: virtual networking for all platforms 27 Speed Provision

    connectivity for any endpoint across different domains. Agility Automate provisioning via templates and rich APIs. Security Consistent security posture and visibility across all types of endpoints. On-premise data center Third-generation apps Public clouds Virtual desktop Mobile devices Hyper-­‐V

28. Some additional resources •  Watch Bruce Davie’s VMworld US 2015

    session NET4989, “The Future of Network Virtualization with VMware NSX” •  Watch Guido Appenzeller’s VMworld US 2015 spotlight session, “The Next Horizon for Cloud Networking” (video recording available on YouTube at http://www.youtube.com/watch?v=RBJ-KoAM-OQ) •  Tons more VMware NSX content available from VMworld—VMUG Advantage members have access to all this content! •  Learn more about VMware NSX using the VMware Hands-On Labs at http://hol.vmware.com 28

29. Questions & Answers

30. Thank You! Scott Lowe [email protected] Twitter: @scott_lowe Blog: http://blog.scottlowe.org GitHub:

    https://github.com/lowescott