subscribe: Daily Newsletter

 

Cure headaches by virtualising the network

0 comments

Kathy Gibson reports from VMWorld in Barcelona – The application has evolved, and dozens of compute nodes are responsible for delivering any application to the user.
In fact, the application has almost become the network, and getting it to the user involves a number of challenges to the IT organisation.
Martin Casado, senior vice-president: networking and security at VMware, says these challenges include provisioning, troubleshooting and security.
At the same time the infrastructure has evolved in to a software platform, he says.
Network virtualisation, delivered by VMware in NSX, creates what is essentially a network hypervisor that lets administrators create virtual networks that work similarly to virtual machines.
This solves the provisioning problem, Casado says. It also assists with troubleshooting.
Importantly, NSX runs across all vertical industries, with organisations of any size taking advantage of network virtualisation.
NSX 6.2 was launched a couple of weeks ago.
“The reality is that we have just begun with network virtualisation,” Casado says.
Guido Appenzeller, chief technology strategy officer at VMware, points out that the major challenge for administrators is connectivity across multiple clouds, with security, accessibility and management all stumbling blocks.
A new feature in NSX will allow organisations to easily provision new resources from private or public clouds that will run as if they are in the data centre. This extends from management to security, and can be carried out in minutes.
“This expands NSX into the public cloud, allowing you to manage the network outside your enterprise in the same way,” says Appenzeller.
Ian Jansen van Rensburg, chief technology officer at VMware SA, explains that security is top of mind for most organisations today. “Events like Sony and Ashley Madison have got people concerned that their sites could also be hacked.”
He says that most sites have their security on the outside, but it a hacker gets through the perimeter it’s relatively easy to move around and cause damage.
“If I was a criminal, the only thing you have to do is break the exterior security; once I get through the firewall, I can do what I want. And if you get on to one network, it’s connected to other networks.”
A more secure infrastructure is micro-segmentation, which is essentially a virtual firewall on the hypervisor layer.
“With this solution, every virtual machine has its own identity and security policies that are specific to that VM. When you move the VM, even from a private cloud to a public cloud, it’s security settings go with it,” Jansen van Rensburg explains.
However, breaches will inevitably happen despite the best security. “You are only as strong as your weakest link,” he says. “However, if you are hacked, micro-segmentation can help to contain the damage. If we see a threat we can isolate that threat and move it off the network.”
While its security architecture is the feature that tends to appeal to IT administrators, it’s not the only benefit that NSX offers.
“NSX is doing for networking what the cellular industry did for telephones,” says Jansen van Rensburg. “Before cellular phones, you had a phone number at home or at work and that’s where people could call you. Now, your cell phone allows you to have one number, and you get a call anywhere in the world.
“What NSX does is spin a layer two network over layer three routing. With virtual networking technology, you can stretch the VLAN over multiple sites.”
Why this is important is that it addresses many of the challenges involved in designing a new site. “A lot of work has to happen on the network,” says Jansen van Rensburg. “The network is one of the biggest headaches that IT people have. So the ability to stretch a network across multiple regions and clouds helps a lot.
“An application makes use of a few things: the network, application server, data server; it will use a switch and router, a load balancer and a firewall somewhere along the line. If you take those components and virtualize them, it just makes things so much easier.”