The ability to securely interconnect physical and virtual datacenters with virtual private networks (VPNs) is one of the most important tools for customers and service providers alike. VPNs allow customers to securely connect their own physical, virtual, and cloud environments to virtual datacenters hosted by service providers, thereby eliminating the need to worry about loss or corruption while transferring data and enabling truly secure hybrid clouds.
Providers of vCloud Powered services have the VPN capability of VMware vShield Edge integrated into VMware vCloud Director 1.5. With vShield, customers can securely interconnect their enterprise datacenters with virtual datacenters in the cloud. VMware Service Providers can then become a continuous extension of customers’ datacenters, seamlessly integrating to make cloud adoption straightforward and secure. In this three-part series, we will discuss how VPNs make hybrid cloud a reality, how to establish single and multi-site VPNs, as well as how to establish enterprise-to-site VPNs with vShield Edge.
vShield Edge and vCloud Director integration is important for both providers of vCloud Powered services and customers as it:
- Allows customers to provision security features based on a self-service model;
- Reduces operating costs for providers;
- Limits sharing of customer information with providers for increased security;
- Allows flexible scaling if necessary, with the option of additional vShield Edge deployments;
- Provides usage information to VMware vCenter Chargeback for billing purposes.
Note: Web load balancing and static routing are offered as additional value-added services by providers of vCloud Powered services via a vShield Edge Premium License.
Virtual Private Networks Enable Hybrid Clouds
Hybrid clouds interconnect multiple clouds over public networks, and vShield Edge VPNs allow these multiple clouds to be interconnected securely – thus making them work as if they are extensions of a single datacenter. Network topologies include the following:
- Multi-Site vCloud Deployment
vShield Edge VPNs are able to link multiple VMware vCloud deployments between clouds over public networks, whether an enterprise private cloud is connecting to the organization’s virtual datacenter in a service provider’s cloud or virtual datacenters hosted by multiple service providers.
- Single-Site VMware vCloud Deployment
vShield Edge VPNs can also link different virtual datacenters hosted by the same service provider—even in the same vCloud Director instance. This secures communication between networks hosted on shared infrastructure.
- Enterprise Site to vCloud Deployment
vShield Edge VPNs can connect enterprises’ fixed routers or firewall-based VPNs to virtual datacenters hosted by providers of vCloud Powered services. vShield Edge conveniently supports industry-standard IPsec-based VPNs, making it compatible with a wide range of devices.
In our next post, we will discuss connecting multiple virtual datacenters regardless of location, where both endpoints are vShield Edge appliances located at the perimeter of a virtual datacenter.
Log on to Partner Central and download the whitepaper to learn more. Visit VMware vShield Edge and vCloud Director for further information, and follow us at @vCloud and @VMwareSP for the latest vCloud news!