The need for substantive network security in schools has never been greater. According to ID Analytics, more than 140,000 minors are victims of identity fraud per year—and when their data is exposed, it is misused more frequently. One reason for this is that minors’ clean credit reports can make them extra attractive to identity thieves.
“The educational space is extremely concerned about ensuring [that] Personally Identifiable Information (PII) about students, and their respective data, is kept safe, secure, and only used for the learning environment,” says Jason Radford, head of operations for IlliniCloud. Continue reading →
VMware NSX equips Armor with the ability to orchestrate each customer in a cloud-like environment while giving them a threat-tight security wrapper via micro-segmentation from day one.Continue reading →
What will be our security challenge in the coming decade? Running trusted services even on untrusted infrastructure. That means protecting the confidentiality and integrity of data as it moves through the network. One possible solution – distributed network encryption – a new approach made possible by network virtualization and the software-defined data center that addresses some of the current challenges of widespread encryption usage inside the data center. Continue reading →
VMware NSX has been around for more than two years now, and in that time software-defined networking and network virtualization have become inextricably integrated into modern data center architecture. It seems like an inconceivable amount of progress has been made. But the reality is that we’re only at the beginning of this journey.
The transformation of networking from a hardware industry into a software industry is having a profound impact on services, security, and IT organizations around the world, according to VMware’s Chief Technology Strategy Officer for Networking, Guido Appenzeller.
“I’ve never seen growth like what we’ve found with NSX,” he says. “Networking is going through a huge transition.” Continue reading →
NSX 6.2 was released on August 20, 2015. One of the key features in NSX 6.2 is Cross vCenter Networking and Security. This new capability scales NSX vSphere across vCenter boundaries. Now, one can span logical networking and security constructs across vCenter boundaries irrespective of whether the vCenters are in adjacent racks or across datacenters (up to 150ms apart). This enables us to solve a variety of use cases including:
Capacity pooling across vCenters
Simplifying data center migrations
Cross vCenter and long distance vMotion
With Cross vCenter Networking & Security one can extend logical switches (VXLAN networks) across vCenter boundaries enabling a layer 2 segment to span across VCs even when the underlying network is a pure IP / L3 network. However, the big innovation here is that with NSX we can also extend distributed routing and distributed firewalling seamlessly across VCs to provide a comprehensive solution as seen in the figure below.Continue reading →
The basis of competition has shifted from individual products and technologies to platforms,
but with everyone aspiring to be a platform the bar is set high. A platform must be a value-creation entity, underpinned by a robust architecture that includes a set of well-integrated software artifacts and programming interfaces to enable reuse and extensibility by third parties. Platforms must support an ecosystem that can function in a unified way, foster interactions among its members and orchestrate its network of partners. And finally, platforms must adhere to the network effect theory which asserts that the value of a platform to a user increases as more users subscribe to it, in effect, creating a positive feedback loop.
The VMware NSX network virtualization platform meets this criteria resoundingly. NSX is specifically designed to provide a foundation for a high-value, differentiated ecosystem of partners that includes some of the networking industry’s most significant players. The NSX platform leverages multi-layered network abstractions, an extensible and distributed service framework with multiple entry points, and transparent insertion and orchestration of partner services. What distinguishes NSX from other platforms is its inherent security constructs which partner solutions inherit, and a context sharing and synchronization capability that allows partners to fine-tune the delivery of their services on the NSX platform inside the data center in a closed feedback loop. Continue reading →
Nemtallah Daher is Senior Network Delivery Consultant at the consulting firm AdvizeX Technology. Recently he took some time out of his day to talk with us about why, as a networking guy, he thinks learning about network virtualization is critical to further one’s career.
I’ve been at AdvizeX for about a year now. I do Cisco, HP, data center stuff, and all sorts of general networking things: routing, switching, data center, UCS. That kind of stuff. Before coming to AdvizeX, I was a senior network specialist at Cleveland State University for about 20 years.
I started at Cleveland State in 1988 as a systems programmer, working on IBM mainframe doing CICS, COBOL and assembler. About 2 years after I started at Cleveland State, networking was becoming prevalent, and the project I was working on was coming to an end, so they asked me if I would help start a networking group. So from a small lab here, a building here, a floor there, I built the network at Cleveland State. We applied for a grant to get some hardware, applied for an IP address, domain name, all these things. There was nothing at the time, so we did everything. We incorporated wireless about 10 years in. Over time it became a ubiquitous, campus-wide network. So that’s my brief history. Continue reading →
Ron Flax is the Vice President of August Schell, a reseller of VMware products and IT services company that specializes in delivering services to commercial accounts and the federal government, particularly intelligence and U.S. Department of Defense. Ron is a VCDX-NV certified network virtualization professional and a VMware vExpert. We spoke with Ron about network virtualization and the NSX career path.
The most exciting thing about network virtualization, I think, is the transformative nature of this technology. Networks have been built the same way for the last 20 to 25 years. Nothing has really changed. A lot of new features have been built, a lot of different technologies have come around networks, but the fundamental nature of how networks are built has not changed. But VMware NSX, because it’s a software-based product, has completely altered everything. It enables a much more agile approach to networks: the ability to automate the stand-up and tear-down of networks; the ability to produce firewalling literally at the virtual network interface. And because things are done at software speed, you can now make changes to the features and functions of networking products at software speed. You no longer have to deal with silicon speed. It’s very, very exciting. With a software-based approach, you can just do so much more in such a small amount of time.
What we’re hearing from customers, at this point, is that they’re very interested to learn more. They’re at a phase where they’re ready to get their hands dirty, and they really want to understand it better. What’s driving a lot of adoption today is security, it is our foot in the door. When you speak with customers about the security aspects, the micro-segmentation capabilities, you may not even have to get to a virtual network discussion. Once you get the security aspect deployed, customers will see it in action and then a few weeks later will say, ‘Hey, you know, can you show me how the new router works?’ or ‘Can you show me how other features of NSX work?’ That’s when you can start to broaden your approach. So these compelling security stories like micro-segmentation or distributed firewalling get you in and get the deployment started, but ultimately it’s the flexibility of being able to deliver networks at speed, in an agile way, through software, through automation, that’s the home run. Continue reading →
Over the past 12 months, VMware NSX momentum has continued to grow, as we’ve added new platform capabilities, expanded our partner ecosystem, and of course, had more than 250+ customers purchase NSX for deployment. And as interest in VMware NSX has grown with both customers and IT professionals looking to evolve their careers by adding certification in network virtualization, one of the most common questions that we get is “How can I get started with NSX?.”
We understand that there is a strong demand for individuals and organizations to get their hands on the NSX technology. Many of you are working towards your initial VCP-NV certification. Others of you are exploring NSX as a way to improve your organization’s agility and security while reducing overall costs.
Here are three ways individuals and companies can get started with NSX. Continue reading →
Last week we hosted the Open vSwitch 2014 Fall Conference, which was another great opportunity to demonstrate our continued investment in leading open source technologies. To get a sense of the energy and enthusiasm at the event, take a quick view of this video we captured with attendees.
I’ve been thinking about the key takeaways from everything I saw and everyone I spoke with.
First, there’s huge interest in Open vSwitch performance, both in terms of measurement and improvement. The talks from Rackspace and Noiro Networks/Cisco led me to believe that we’ve reached the point where Open vSwitch performance is good enough on hypervisors for most applications, and often faster than competing software solutions such as the Linux bridge.
Talks from Intel and one from Luigi Rizzo at the University of Pisa demonstrated that by bypassing the kernel entirely through DPDK or netmap, respectively, we haven’t reached the limits of software forwarding performance. Based on a conversation I had with Chris Wright from Red Hat, this work is helping the Linux kernel community look into reducing the overhead of the kernel, so that we can see improved performance without losing the functionality provided by the kernel.
Johann Tönsing from Netronome also presented a talk describing all the ways that Netronome’s NPU hardware can accelerate OpenFlow and Open vSwitch; I’ve talked to Johann many times before, but I had never realized how many different configurations their hardware supports, so this was an eye-opening talk for me.
Next, enhancing Open vSwitch capabilities at L4 through L7 is another exciting area. Our own Justin Pettit was joined by Thomas Graf from Noiro to talk about the ongoing project to add support for NAT and tracking L4 connections, which is key to making Open vSwitch capable of implementing high-quality firewalls. A later talk by Franck Baudin from Qosmos presented L7 enhancements to this capability.
The final area that I saw highlighted at the conference is existing applications for Open vSwitch today. Peter Phaal from InMon, for example, demonstrated applications for sFlow in Open vSwitch. I found his talk interesting because although I knew about sFlow and had talked to Peter before, I hadn’t realized all of the varied uses for sFlow monitoring data. Vikram Dham also showed his uses for MPLS in Open vSwitch and Radhika Hirannaiah her use case for OpenFlow and Open vSwitch in traffic engineering.
I want to thank all of our participants and the organizing committee for helping to put together such an amazing event.