Archive

Category Archives for "VMware Network Virtualization Blog"

Getting More Out Of NSX Webcast Series

 

Each episode in this Getting More Out of NSX webcast series has its own topic, so there is no need to watch each episode to understand the next one. The episodes cover a variety of NSX features and explain in detail how NSX is the solution to key challenges faced by IT professionals. With the use of product demos, our NSX experts will show you how NSX allows granular control on an application by application basis to achieve the dream of universal security across the network. You will learn about:

  • NSX optimization for performance – how NSX eliminates the need for agent management and overprovisioning, thus reducing costs
  • NSX automated ubiquitous deployment & enforcement
  • NSX simplified policy management & automation across services

 

Now Available On-Demand

Episode 1: Deep Dive into NSX Service Composer, covered the mapping of applications, adding context to your Security Policy, and the NSX Service Composer and Application Rule Manager. Episode 2: Micro-segmentation Preparation and Planning with vRNI, covered how to perform Plan Security around Applications, build rulesets from Recommendations from vRNI, and verify rules compliance.

There is no need to watch Episodes 1 and 2 to understand Episodes 3 and 4 as each episode has its own topic. Episodes 1 and 2 can be accessed here.

 

Upcoming

Continue reading

Fortinet FortiGate-VMX and NSX use cases

NSX is an extensible platform; other vendors security solutions can be added to it by means of the Northbound REST API, and two private APIs: NETX for network introspection, and EPSEC for guest introspection.

Fortinet’s FortiGate-VMX solution uses the NSX NETX API to provide advanced layer 4-7 services via service insertion, also called service chaining.  This enables the additional inspection of VM traffic prior to that traffic reaching the vSwitch.  This enhances micro-segmentation where there is need for greater application recognition, anti-malware, and other Next Generation Firewall features.  The scale-out nature of NSX is maintained as NSX handles the instantiation of FortiGate service VMs on the hosts within the deployed cluster retaining its operational advantages, if the cluster grows additional FortiGate-VMX service machines will be created as needed.

 

 

One of the primary advantages to FortiGate-VMX is the availability of VDOMs for multi-tenancy in a service provider or enterprise environment – this enables segmenting traffic by organization, business group, or other construct in addition to application.  The segregation includes the administration, VDOMs are managed independently of one another, this can also be used to split the different security functions such as anti-virus, IPS, and application control into isolated units or only Continue reading

VMware AppDefense & CB Defense Demo

As you may have heard, VMware and Carbon Black have come together to deliver best-in-class security architected for today’s data centers.

In this demo, you’ll see an example of how CB Defense and VMware AppDefense combine to enforce known good application behavior and detect threats using industry leading detection and response technology.

For this demo, we’ll show how an advanced security breach can come in under the guise of an innocuous application (Powershell) and often go undetected.  We’ll walk through the steps that security teams can now take to respond and address the attack all in one application.

 

The post VMware AppDefense & CB Defense Demo appeared first on Network Virtualization.

VMware Cloud on AWS with NSX: Connecting SDDCs Across Different AWS Regions

I prior shared this post on the LinkedIN publishing platform and my personal blog at HumairAhmed.com. In my prior blog post, I discussed how with VMware Cloud on AWS (VMC on AWS) customers get the best of both worlds for their move to a Software Defined Data Center (SDDC) – the leading compute, storage, and network virtualization stack for enterprises deployed on dedicated, elastic, bare-metal, and highly available AWS infrastructure. Another benefit of VMC on AWS, and the focus of this post, is that you can easily have a global footprint by deploying multiple VMC SDDCs in different regions. Continue reading

Terminology Tuesday Presents: Data Gravity

Data Gravity is a concept first coined by Dave McCrory to describe the tendency of data to attract more data, applications and services.  As you may have guessed from the name, this principle has many parallels to Newton’s Theory of Universal Gravitation.

 

The basic premise is that a singular piece of data isn’t meaningful but with more data (metadata as it’s generally called) additional context (and therefore more meaning) can be derived.  When all that data is bundled with more applications and services, one can harness a considerable amount of power as evidenced by today’s trends towards data and analytics.

 

For example, let’s take this piece of data: 0.  Although we know what zero means conceptually, we don’t have any way to determine how we should feel about it.  Without any context just knowing the number 0 is essentially worthless.  If, for instance you were to know the additional data of “inventory of toy Elmos” + [insert where you live] you’d know that you need to make an only order and ASAP.

 

Data for larger institutions is just like this, except the concept of “friction” plays a larger role.  Data Friction Continue reading

VMware SDDC with NSX Expands to AWS

I prior shared this post on the LinkedIN publishing platform and my personal blog at HumairAhmed.com. There has been a lot of interest in the VMware Cloud on AWS  (VMC on AWS) service since its announcement and general availability. Writing this brief introductory post, the response  received confirmed the interest and value consumers see in this new service, and I hope to share more details in several follow-up posts.

VMware Software Defined Data Center (SDDC) technologies like vSphere ESXi, vCenter, vSAN, and NSX have been leveraged by thousands of customers globally to build reliable, flexible, agile, and highly available data center environments running thousands of workloads. I’ve also discussed prior how partners leverage VMware vSphere products and NSX to offer cloud environments/services to customers. In the VMworld Session NET1188BU: Disaster Recovery Solutions with NSX, I discussed how VMware Cloud Providers like iLand and IBM use NSX to provide cloud services like DRaaS. In 2016, VMware and AWS announced a strategic partnership, and, at VMworld this year, general availability of VMC on AWS was announced; this new service, and, how NSX is an integral component to this service, is the focus of this post.

Continue reading

VMware Closes Acquisition of VeloCloud Networks

As applications and data continue to be distributed more broadly from the data center to the edge, customers are increasingly relying on software-defined wide-area networks (SD-WANs) versus traditional networking for flexible, secure connectivity.  It’s for this reason that I am pleased to share that we officially closed our acquisition of VeloCloud Networks today, bringing their industry-leading, cloud-delivered SD-WAN solution to our growing software-based networking portfolio. The acquisition of VeloCloud significantly advances our strategy of enabling customers to run, manage, connect and secure any application on any cloud to any device.

VMware NSX was a game changer in the industry, and it has become the industry-leading implementation of network virtualization. Customers choose NSX because it delivers network and security services closest to the application. By adding VeloCloud’s SD-WAN solutions to our portfolio, we are extending our value in the enterprise and increasing our relevance with service providers by offering end-to-end automation, application continuity and security from data center to cloud edge. VeloCloud will bring the same properties to the wide-area network with an SD-WAN solution that provides full visibility, metrics, control and automation of all endpoints, resulting in better performance and availability for enterprise and cloud applications.

If you are a Continue reading

Terminology Tuesday Presents: ZTP

 

 

 

 

 

 

 

 

ZTP stands for Zero Touch Provisioning.  And, as a quick google search will quickly reveal, many other things as well.

 

Back to our ZTP.  ZTP is the process by which new network switches can be configured without much human involvement.   Notice that I said “much” and not “any”.  ZTP is not it’s not truly zero because something (someone!) needs to put the first components of the network together in order for the rest of the network to be built in a ZTP fashion.

 

Where provisioning many switches could have quite a while through ZTP processes it’s down to a matter of minutes.  Switches can also be updated automatically with any need for physical intervention.

 

The beauty of ZTP is the continued march towards more and more robust automation solutions.  Delightfully, once folks aren’t mired in the repetitive manual work they can move onto tasks that bring innovation to businesses and, more importantly, make jobs more enjoyable.  We also can’t ignore the fact that it renders moot a lot of the specialized skills that traditionally defined the role of a network engineer. Continue reading

Introducing NSX-T 2.1 with Pivotal Integration

Application architectures are evolving. That shouldn’t be news to anyone. Today, emerging app architectures that leverage container-based workloads and microservices are becoming mainstream, moving from science projects in development labs to enterprise production deployments at scale. The benefits are clear. Developers and the application lifecycle, become faster, more productive, more agile, and more responsive to the needs of the business.

 

 

Today we’re announcing NSX-T 2.1, which will enable advanced networking and security across these emerging app architectures, just as it does for traditional 3-tier apps. More specifically, NSX-T 2.1 will serve as the networking and security platform for the recently announced VMware Pivotal Container Service (PKS), a Kubernetes solution jointly developed by VMware and Pivotal in collaboration with Google. NSX-T 2.1 will also introduce integration with the latest 2.0 release of Pivotal Cloud Foundry (PCF), serving as the networking and security engine behind PCF. In these environments, NSX-T will provide Layer 3 container networking and advanced networking services such as load balancing, micro-segmentation, and more.

For development teams, these integrations mean that they will be able operate quickly and consume infrastructure as code. Meanwhile, their workflows will remain the same — fast and efficient — because NSX-T will integrate tightly with these application platforms, connecting directly into the Continue reading

Come Visit Us at AWS re:Invent!

We’ll be at AWS re:INVENT in Las Vegas all week (Nov 27 – Dec 1, 2017)!

Come say hi to the NSX Team at the VMware booth (#900 right as you walk in the main entrance) in the Expo Hall at the Venetian Hotel.  Stop by our booth to…

  • Check out a quick demo on VMware NSX Cloud
  • Attend a 30-minute in-booth session about VMware NSX Cloud (Thursday, Nov 30 at 11:30am)
  • Grab some swag
  • Play one of our booth games and win a prize – Apple iPhone 8, AWS Credits, Amazon Echo, T-Shirts, and more!
VMware Booth at AWS re:Invent

As always, continue the conversation with us on Twitter @vmwarensx or use the hashtag #RunNSX or #NSXMindset‏. We hope to see you at the show!

The post Come Visit Us at AWS re:Invent! appeared first on Network Virtualization.

Terminology Tuesday Presents: Blockchain

Think of Blockchain as primarily two things.  1) A peer-to-peer technology 2) A way of keeping a public record.

The technological backing of Blockchain is the ability to have many (many) computers host the same information.  Snippets of code (known as blocks) are duplicated and maintained in so many different places rendering fraud impossible.  The fact that each of these blocks is timestamped and unique makes it increasingly challenging to outsmart.  If you’re interested in learning more about the technological specifics there are a number of great resources online including this presentation by Binh Nguyen, IBM’s Blockchain Fabric Chief Architect.

Today, Blockchain is most commonly thought of in connection to Bitcoin as it describes the technology and process that we’ve all come to know as being so secure.  Bitcoin’s past affiliations with illegalities of all sorts have given a bad name to Blockchain but there are many benefits to secure transactions all with a public record as our purchases and currency become increasingly digital.

Want to learn more?  Check out these sources:

 

Terminology Tuesday is a new blog series.  What would you like Continue reading

Securing Native Cloud Workloads with VMware NSX Cloud Blog Series – Part 1: Getting Started

Introduction

As businesses evaluate their applications in the constantly evolving world of IT, new strategies are emerging for delivery. These strategies include keeping applications on-premises or moving them to one or more public cloud providers.

These public clouds come with their own networking and security constructs and policy management. This results in a new set of technology siloes that increases expense, complexity and risk:

This blog series will discuss the challenges of providing consistent networking and security policies for native cloud workloads, the value of VMware NSX Cloud, and walk through the process of securing and connecting applications running natively in the public cloud.

VMware NSX Cloud

VMware’s strategy is to enable businesses to create and deliver applications. To support new delivery strategies, VMware NSX Cloud provides consistent networking and security for native applications running in multiple public and private clouds. Utilizing a single management console and a common application programming interface, VMware NSX Cloud offers numerous benefits:

  • Unified Micro-Segmentation Security Policies – VMware NSX Cloud provides control over East-West traffic between native workloads running in public clouds. Security policies are defined once and applied to native workloads. These policies are supported in multiple AWS accounts, regions, and VPCs. Policies are Continue reading

Terminology Tuesday Presents: Microservices

Microservices is the philosophy of designing software programs by breaking what used to be a singular function or command into multiple components, known as services.  The ultimate goal is to reduce complexity and increase speed (basically the goal of anything nowadays).

 

Think of Thanksgiving.  A traditional approach would have the same person cook the entire meal.  And likely even do all the dishes.  Think of a world instead where you can assign different individuals (and ovens!) for cooking the turkey, gravy, mashed potatoes, stuffing and anything else that may grace your table.

 

 

Microservices delivers on this dream but also takes the principle to the next level.  Not just breaking up the request (multi-course dinner) into multiple services (turkey, salad, not burning the garlic bread) but making them really really minute.

 

“Services” that used to be inherently linear can now happen concurrently.  To go back to our Thanksgiving example, you could have the potatoes peeled at the same time they’re being mashed.  If we were able to avoid running into one another (part of the magic of software over families in kitchens) everything would become very efficient.

 

Want Continue reading

Remote User Authentication and RBAC with NSX-T

Remote user authentication and role based access control (RBAC) is an important requirement when deploying new systems in an organization, particularly in the networking world. For that matter, systems typically leverage RADIUS or Active Directory (AD) servers, to name a few.

NSX-T integrates with VMware Identity Manager (vIDM) to get the following benefits related to user authentication:

  • Support for extensive AAA Systems, including
    • AD-based LDAP, OpenLDAP
    • RADIUS
    • SmartCards / Common Access Cards
    • RSA Secure ID
  • Enterprise Single Sign-On
    • Common authentication platform across multiple VMware solutions
    • Seamless single sign-on experience


This blog post covers the main steps required to integrate NSX-T with vIDM and to configure roles that grant different privileges to different users
. It does not cover deployment and hardening of VMware Identity Manager (vIDM). At the end of the post, there is a link to a demo showing how to do the configuration and several role-based access tests.

Assuming that both NSX-T Manager and vIDM appliances are deployed, powered on and configured with the basic management details (IP address, admin users, etc.), the integration requires the following steps:

  1. Creating a OAuth client ID for the NSX-T Manager in vIDM
  2. Getting the vIDM appliance thumbprint
  3. Registering NSX-T Manager with Continue reading

Top 5 From The Last 3 Months

 

In the year 2017, news comes at you fast. So, it’s easy to miss the important or informational items that just weren’t on your radar when they first arrived. While we believe VMware NSX should be firmly on everyone’s virtualization radar, we understand that you may miss a few items from time to time. That’s why we’re putting together this VMware NSX news round-up.

This news round-up recaps the latest NSX-related material you may have missed over the past few months for you peruse at your leisure. We’ll compile these posts again from time to time, so be sure to keep your eye on this space for more VMware NSX news rounds-ups and informational posts!

Real World Use Cases for NSX and Pivotal Cloud Foundry

From the post: Pivotal Cloud Foundry (PCF) is the leading PaaS solution for enterprise customers today, providing a fast way to convert their ideas from conception to production. This is achieved by providing a platform to run their code in any cloud and any language taking care of all the infrastructure “stuff” for them.

From building the container image, compiling it with the required runtime, deploying it in a highly available mode and connecting Continue reading

Abstract, Automate & Secure — From Data Center to Cloud to Edge

By Milin Desai, Vice President of Products, NSBU

It feels like only yesterday when we started our journey into networking at VMware. Even from the early beginnings in 2011, it became clear to some of us that the abstraction and operations model of virtualization for compute and memory, which completely transformed the modern data center, was something we needed to extend to networking. We understood that that a network based on software and abstraction in the long run would extend beyond our customers’ data centers to public clouds and ultimately to the Edge.

We’ve been executing on this vision for almost eight years; reinventing data center networking and enabling our customers to be smarter about how they secure, manage and connect their applications and users.

Starting with the Data Center

The Nicira acquisition, alongside our internal innovations, resulted in the release of VMware NSX in 2013. VMware NSX made network virtualization a mainstream possibility for the data center. The goal was simple — abstract the application from the physical network and deliver the networking attributes in software at machine speeds. After four years, multiple thousands of customers and the creation of a billion-dollar run rate business, we have transformed the Continue reading

VMware NSX/Kubernetes and F5 – A Cloud Native App Integration

Introduction

When Bob Dylan wrote back in the 60’s “times they are a-changin” it’s very possible he knew how true that would be today.  Last week, we saw a few things announced in the container technology space during the DockerCon event in Copenhagen – but one thing that I believe came as a surprise to many was Docker’s announcement to begin including Kubernetes in Docker Enterprise edition sometime in early 2018.  This doesn’t concede or mark the death of Docker’s own scheduling and orchestration platform, Docker Swarm, but it does underscore what we’ve heard from many of our customers for quite some time now – almost every IT organization that is using/evaluating containers has jumped on the Kubernetes bandwagon.  In fact, many of you are probably already familiar with the integration supported today with NSX-T 2.0 and Kubernetes from the post that Yves did earlier in the year…

In the past few years, we’ve heard a lot about this idea of digital transformation and what it means for today’s enterprise.  Typically, a part of this transformation is something called infrastructure modernization, and this happens because most IT environments today have some hurdles that need to Continue reading

Real world use cases for NSX and Pivotal Cloud Foundry

Pivotal Cloud Foundry (PCF) is the leading PaaS solution for enterprise customers today, providing a fast way to convert their ideas from conception to production. This is achieved by providing a platform to run their code in any cloud and any language taking care of all the infrastructure “stuff” for them.

From building the container image, compiling it with the required runtime , deploying it in a highly available mode and connecting it to the required services, PCF allows dev shops to concentrate on developing their code.

While the platform is providing developers with the most simplified experience conceivable, under the hood there are many moving parts that make that happen and plumbing all these parts can be complex. That’s where customers are really enjoying the power of VMware’s SDDC, and the glue between the PaaS and SDDC layers is NSX, it is the enabler that makes it all work.

In this blog post I detail some of the main uses cases customers have already deployed NSX for PCF on top of vSphere and how PCF and NSX are much better together in the real world.

The use cases customers are deploying with NSX for PCF are varied and ill Continue reading

NSX Real World Use Cases for Pivotal Cloud Foundry

Pivotal cloud foundry is the leading PaaS solution for enterprise customers today, providing a fast way to convert their ideas from conception to production. This is achieved by providing a platform to run their code in any cloud and any language taking care of all the infrastructure stuff for them.

From building the container image, compiling it with the required runtime, deploying it in a highly available mode and connecting it to the required services, PCF allows dev shops to concentrate on developing their code.

While the platform is providing developers with the most simplified experience conceivable, under the hood there are many moving parts that make that happen and plumbing all these parts can be complex. That’s where customers are really enjoying the power of VMware’s SDDC, and the glue between the PaaS and SDDC layers is NSX, it is the enabler that makes it all work.

In this blog post, I detail some of the main uses cases customers has already deployed NSX for PCF on top of vSphere and how PCF and NSX are much better together in the real world.

The use cases customers are deploying with NSX for PCF are varied and ill divide them Continue reading

Kubernetes in the enterprise with VMware NSX-T and vRealize Automation

We’ve all seen the VMware PKS announcement at VMworld 2017, and we are all excited about it. The idea of provisioning Kubernetes clusters in an easy way, with day-2 operations, inside your datacenters, has been a request from most of the VMware customers who are starting their journeys into the brave new cloud-native world. As we saw also from the announcement, PKS is currently under development by VMware, Google and Pivotal and is targeted for GA Q4 this year.

Until then, what if we have a solution today that you can start piloting right away without waiting? And what if it is based on the VMware solutions that you’ve grown to use and love. Better yet, what if we can add to that mix a solid networking and security capabilities to run your Kubernetes clusters in a self-service and IT governance to maintain your existing operational models?

Figure 1: Solution Overview

I’ve just started a new blog series that I named “Kubernetes in the Enterprise” which answers all those questions in a form of an enterprise-grade solution. This solution is very grounded to the real-world and business challenges, and driven by many discussions that I have been having with my Continue reading

1 17 18 19 20 21 28