VMware NSX equips Armor with the ability to orchestrate each customer in a cloud-like environment while giving them a threat-tight security wrapper via micro-segmentation from day one. Continue reading
Category Archives: NSX Deployments
Applications are a vital component of your business…but are your applications and data safe? Have you considered implementing a Zero Trust model at your organization to protect your vital resources? Join this hour-long webcast on Tuesday, September 29, 2015 at 11:00 AM PST / 2:00 PM EST to find out how to leverage micro-segmentation to build a true Zero Trust data center network.
Join our guest speaker, John Kindervag, VP and Principal Analyst at Forrester Research, as he discusses the results of the August 2015 commissioned research study, “Leverage Micro-segmentation To Build A Zero Trust Network”, conducted on behalf of VMware. Kindervag will cover Forrester’s three key findings from the study:
- Security gaps and disconnects are the unfortunate norm across Enterprises today.
- Network virtualization helps to reduce risk and supports a higher-level security strategy.
- Micro-segmentation provided through network virtualization paves the way for implementing a Zero Trust model.
Protecting your data doesn’t have to be difficult! Reserve your spot for this webcast today.
Micro-Segmentation and Security at Tribune Media
And to learn more about how other leading organizations are using micro-segmentation to build a Zero Trust Model, watch the video below from David Giambruno, CIO of Tribune Media.
After three consecutive months attending 75 customer meetings throughout the U.S., Europe and Asia, I came away with plenty of frequent flyer miles and, more importantly, tons of insight to share with you.
What I learned from customers is that VMware NSX is truly a game-changer. And as we exit the second quarter, the list of customers excited about NSX is only getting bigger. We recently announced that we have grown from more than 150 VMware NSX customers a year ago, to more than 700 customers today. These customers are setting the stage for others to follow. They are providing best practices that we are feeding back to others, and giving us valuable insight into challenges they encounter along the way.
So as I promised, I’ve pulled together highlights from these meetings and condensed them into three key themes that emerged. For you IT pros out there reading this, let me know if any of this sounds familiar. Continue reading
Playing a part in the transformation of the networking industry has been one of the most rewarding opportunities of my career. On top of that I get the privilege of leading a team that continues to amaze me in their ability to execute. You’ve heard us talk about the more than 400 VMware NSX customers we have to date, 70+ of which are in production. You can safely assume that number is even higher today. Even more impressive is the fact that customers are making significant financial commitments to the architectural changes they are embarking on. In fact, as of last quarter we counted more than 50 organizations that have invested more than $1 million in NSX.
Now, it’s never easy for IT organizations to talk publicly about technologies they’ve purchased or deployed. This is all the more reason why I’m very grateful that VMware NSX customers have made time to speak publicly about the value they are deriving from VMware NSX to the financial community, at events such as RSA Conference, Palo Alto Networks Ignite and OpenStack Summit, and of course, to the press. No other vendor can claim more customers that are publicly discussing their investment, adoption or deployment of their SDN solution than VMware. Continue reading
VMware Technical Account Managers combine deep expertise with insights from successful implementations to provide unparalleled value to VMware customers’ business. Curtis Miller is a Technical Account Manager for VMware and in this post, which originally appeared on The VMware TAM Blog, he outlines how to help ensure success with VMware NSX TAM Services.
For networking, VMware NSX is a game-changer in the same way VMware vSphere was for data center servers. NSX virtualizes and consolidates legacy networking functionality back into a hypervisor. As a result, adding or changing network capabilities no longer requires the costly replacement of networking gear. It’s all software based—so upgrades are now just a right-click away.
The resulting cost savings are dramatic because network hardware is replaced far less often and used more efficiently. Deployment times and scalability improve substantially because networks can be created in minutes instead of weeks; and if demand falls, those resources can just as easily be reclaimed. Enhanced security via NSX’s micro-segmentation capabilities is another important benefit as well.
Read Curtis’ full blog here: http://blogs.vmware.com/tam/2015/03/ensuring-success-vmware-nsx-tam-services.html
Over the past 12 months, VMware NSX momentum has continued to grow, as we’ve added new platform capabilities, expanded our partner ecosystem, and of course, had more than 250+ customers purchase NSX for deployment. And as interest in VMware NSX has grown with both customers and IT professionals looking to evolve their careers by adding certification in network virtualization, one of the most common questions that we get is “How can I get started with NSX?.”
We understand that there is a strong demand for individuals and organizations to get their hands on the NSX technology. Many of you are working towards your initial VCP-NV certification. Others of you are exploring NSX as a way to improve your organization’s agility and security while reducing overall costs.
Here are three ways individuals and companies can get started with NSX. Continue reading
• Application Roll Out Reduced from Weeks to Minutes
• VMware NSX Enables Better Agility, Flexibility and Security
Recently I had the opportunity to speak with the team at Schuberg Philis about their successful, production deployment of VMware NSX. As background, Schuberg Philis is an innovative business technology company and an important player in the field of mission critical outsourcing services. The company serves customers across financial services, retail suppliers and utilities, and therefore must comply with the highest international risk management and corporate governance standards, while remaining flexible to evolving customer needs.
The adoption of VMware NSX based network virtualization has transformed the way Schuberg Philis runs its IT. In order to provide 100 percent functional up time of its customers’ critical applications, Schuberg Philis continuously optimizes its infrastructure and processes. However, the company increasingly saw its network as a barrier to increasing business agility.
To solve this challenge and to accelerate application roll out, the Schuberg Philis implemented a software-defined data center environment, and deployed VMware NSX. Schuberg Philis is taking advantage of the VMware NSX platform’s flexibility, security and agility to accelerate the deployment of applications to customers. Schuberg Philis customers now have easy access to the flexibility of the cloud, but within a certified, auditable environment, which includes built in controls and security.
Funs Kessen, cloud architect at Schuberg Philis, explained, “The process for spinning up new applications for customers used to take weeks to complete. Now we can do it in a little more than 18 minutes. This allows our customers to respond more quickly to business requirements and opportunities.
By fully automating the process, Kessen and team can offer Schuberg Philis customers complete access to the flexibility of the cloud within a certified environment, complete with all controls and security built in, and we’ve made it fully auditable.”
The adoption of VMware NSX based network virtualization has transformed the way Schuberg Philis runs its IT.
Kessen noted, “With VMware NSX in our software-defined data center, we can focus on applications, and not on the infrastructure,”
Adoption of network virtualization and SDN technologies from VMware and Arista Networks simplifies cloud infrastructure and enables automation to reduce timescales of cloud and network service provisioning
Offering the largest enterprise-class cloud footprint in Europe, Colt, an established leader in delivering integrated network, data center, voice and IT services, has implemented software- defined networking [SDN] and network virtualization to simplify how its managed IT and cloud-based networking environment is deployed, managed and scaled throughout its data centers.
Following an extensive review, Colt selected Arista to provide high speed 10 and 40 gigabit Ethernet cloud-centric switches as an underlay network fabric and VMware NSX™ network virtualization to deliver a fully decoupled software network overlay.
SDN paves the way for automated cloud service delivery
The shift to SDN will provide a flexible, scalable, efficient and cost effective way to support the delivery of Colt’s managed IT services, including cloud based services. This makes Colt one of the first service providers in Europe to adopt SDN in a production environment to remove automate cloud service delivery.
As a result of deploying a new network architecture based on Arista and VMware networking technologies, the time for Colt to add, change or modify services will now take minutes rather than days, and will enable Colt to onboard customers faster and expand its service portfolio quicker.
The big transformation in IT in recent years has been the development of cloud services with IT capacity purchased on-demand. In contrast, networking has remained relatively static. The adoption of server virtualization over the past decade as the foundation for cloud computing and IT-as-a-service have resulted in a completely new operational model for provisioning and managing application workloads. However, the operating model of the network to which dynamic virtualized services are connected has not evolved to help businesses achieve the full benefits of mobile-cloud.
Mirko Voltolini, VP Technology and Architecture at Colt says, “The excitement around SDN and network virtualization is that – for the first time – networking is becoming more software orientated so we’re able to dynamically orchestrate service modification and activation in real-time. In other words, network connectivity can now keep up when virtual machines and associated compute and storage change or are moved within distributed data centers. Ultimately this means that servers, storage and now the network are in synch so that we can meet the specific needs of our customers in a timescale they demand.”
With more than 25,000 customers worldwide, Colt offers an information delivery platform comprising network, voice, data center and IT services sold directly to its enterprise customers or indirectly via channel partners and operators. In Europe, it has invested significantly to create a pan European network spanning 22 countries, 195 connected cities, around 19,800 buildings, as well as operating 42 metropolitan area networks.
Turning to the specialist technology firms has really delivered
Colt first considered adopting network overlay technology three years ago. It went out to tender approaching only large, mainstream technology suppliers and was disappointed by the response received. The cost was too great and solutions not really mature enough to warrant changing. Eighteen months ago, it revisited the process given the technology had evolved, expanding the shortlist of suppliers asked to provide proposals to include specialist firms like Arista and VMware.
VMware NSX enables Colt to decouple the data center network from the underlying physical hardware to gain massive scale while simplifying network design and operations. With NSX, Colt is able to consolidate operations for four disparate physical networks running in the data center and manage these networks as a single logical network. Colt has developed a new data center architecture that leverages the scalability of a Layer 3 data center fabric and NSX’s overlay network virtualization platform.
Chris King, vice president, product marketing, networking and security business unit at VMware, said, “Colt is an all too common story of an organization that simply hit the limits of what the physical network could provide in a virtualized world. VLAN limitations prevented Colt’s ability to scale. They needed to simplify the physical infrastructure in order to gain flexibility which in turn would allow them to adapt quickly to the business environment. VMware NSX helped Colt successfully execute a data center re-architecture which can now operate at cloud scale with better performance, easier management and lower overall costs.”
In addition to wanting to capitalize on the all the benefits offered by network overlays, the requirement for a new switch supplier was driven by Colt’s need to replace its existing legacy switches which had reached end of life and are not supported anymore. Furthermore, the business wanted to reduce the total cost of ownership [TCO] of its networking equipment.
Voltolini explains, “Our target was to reduce the unit cost of our switches which includes the cost per port, along with maintenance, power, space and so on. We wanted a step change in TCO which we will now achieve working with Arista.”
VXLAN addresses the limitations of Spanning Tree
From a technical perspective, Colt also wanted to move away from legacy protocols like Spanning Tree protocol which requires ports to be available – but not used – to deliver service availability. This underutilizes switch assets and adds unnecessary cost to its operation. Moreover, Colt required new switches which could scale to support increased connectivity capabilities both in terms of the number of ports [so that more customers can be connected] as well as logical scale.
Voltolini says, “The new VXLAN protocol removes traditional Ethernet limitations which is crucial for a service provider so that we can handle multiple tenants per port across numerous physical locations.”
Ultimately Arista switches will be installed in all Colt data center locations, the roll out of which will be driven by service and capacity demands. The expectation is that this will happen over the next 18 to 24 months. Deployment is made straightforward as all Arista switches – irrespective of port count or speed – feature the same network operating system, the Arista EOS.
Mark Foss, VP Global Operations and Marketing, concludes, “It is important to stress that this project is one of collaboration. Being an innovative nimble company, we’re accommodating Colt’s requirements and helping shape their service design, while they’re guiding us in terms of our future product roadmap so we develop features pertinent to all cloud service providers.”
VMware NSX and Palo Alto Networks are transforming the data center by combining the fast provisioning of network and security services with next-generation security protection for East-West traffic. At VMworld, John Spiegel, Global IS Communications Manager for Columbia Sportswear will take the stage to discuss their architecture, their micro-segmentation use case and their experience. This is session SEC1977 taking place on Tuesday, Aug 26, 2:30-3:30 p.m.
Micro-segmentation is quickly emerging as one of the primary drivers for the adoption of NSX. Below, John shares Columbia’s security journey ahead of VMworld
When I started at Columbia, we were about a $500 million company. Now we’re closing in on $2 billion and hoping to get to $3 billion rather quickly. So as you can imagine, our IT infrastructure has to scale with the business. In 2009, we embarked on a huge project to add a redundant data center for disaster recovery. As part of the project, we partnered with VMware and quickly created a nearly 100% virtualized datacenter. It was a huge success. But something was missing; a security solution that matched our virtualized data center. There just wasn’t a great way to insert security in order to address east-west traffic between VMs, nor have the security tied to the applications as they moved around dynamically.
We set out looking for a solution to bridge that gap.
To address our security needs in the data center, we looked at several different strategies and at that time, there really weren’t any good solutions. Many of the solutions were physical in nature. They required us to do some crazy configurations to apply security. We looked at the Cisco 6500 firewall blades, Juniper’s virtual solution and a few other lightweight security offerings, but they just didn’t have what we needed. The solutions at the time didn’t have what we needed. We kept looking.
At VMworld last year, we were introduced to VMware NSX. I saw the power of the platform, and it all started to click. And when Palo Alto Networks (our perimeter firewall vendor) announced they were a major partner, and that their technology integrated with NSX to give us an additional level of security, things really came together for us. The ability to drive security down into the infrastructure, down to the kernel level, and then take advantage of Palo Alto Networks next generation security was very attractive. Doing micro-segmentation with NSX, and then having the option of inserting next generation firewalling services from Palo Alto Networks in those areas of the business that require them, will really help us improve our overall security posture. A solution like this is where we need to be. These tools give us the ability to manage both physical and virtual security policies centrally with Palo Alto Networks management tool Panorama. I know that when workloads move the security and policies follow the workloads.
To me, that’s what it is about – advanced security inside the data center, plus automation via software that’s completely independent of the underlying physical infrastructure. With solutions such as NSX and the integration with Palo Alto Networks to provide advanced security services, we are going put security back in the data center, the right way.=
[This post was co-authored by VMware’s Bruce Davie and Ken Duda from Arista Networks, and originally appeared on Network Heresy]
Almost a year ago, we wrote a first post about our efforts to build virtual networks that span both virtual and physical resources. As we’ve moved beyond the first proofs of concept to customer trials for our combined solution, this post serves to provide an update on where we see the interaction between virtual and physical worlds heading.
Our overall approach to connecting physical and virtual resources can be viewed in two main categories:
- terminating the overlay on physical devices, such as top-of-rack switches, routers, appliances, etc.
- managing interactions between the overlay and the physical devices that provide the underlay.
The latter topic is something we’ve addressed in some other recent posts (here, here and here) — in this blog we’ll focus more on how we deal with physical devices at the edge of the overlay. Continue reading