By: Angelos Kottas, Senior Director of Product Marketing, Cloud Services, VMware and Matthew Kwok, Product Marketing Manager, Cloud Services, VMware
“How do I ensure that the public cloud is as secure as my on-premises environment?”
“Why do I have to re-architect my applications before they can work with the public cloud?”
“Why can’t I treat my private and public cloud resources as one single resource pool?”
If you have asked these questions, you understand why networking is often the key barrier to realizing the benefits of the hybrid cloud. We are pleased to announce that with the upcoming VMware vCloud Air Advanced Networking Services and VMware vCloud Air Hybrid Cloud Manager, the days of cloud resource silos, inconsistent on and off-premises security, and limited application portability will soon be over. Together, these new services open up the possibility of true hybrid networking across customers’ on and off-premises environments and to leverage the best of both to create hybrid applications.
Both Advanced Networking Services and the Hybrid Cloud Manager will be available for VMware vCloud Air Dedicated Cloud subscription customers starting in September 2015, with support for Virtual Private Cloud customers later this year.
VMware vCloud Air Advanced Networking Services
VMware vCloud Air Advanced Networking Services are a new model for public cloud security that improves overall network manageability and accelerates application time-to-market by delivering a powerfully agile and cost-efficient platform for zero-trust security. Built on VMware NSX technology, these services are the public cloud piece of VMware’s hybrid networking story.
Advanced Networking Services include:
- Trust Groups (i.e. micro segmentation): Implemented through stateful distributed firewalls, Trust Groups isolate and secure each VM and application down to the Layer 2 level, commonly seen as one of the most vulnerable points in network security. Centrally managed, inheritable, nestable, and portable, they are easily administered at scale and follow applications wherever they move in the cloud.
- Dynamic Routing: Both Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF)-based routing over VMware vCloud Air Direct Connect are supported to simplify network management and to ensure that critical cloud-hosted applications are always reachable.
- Network Scaling: Support for virtual network interfaces can be expanded from 10 to 200 routed network segments in a single virtual data center, allowing customers to mirror even their complex on-premises network topologies in the cloud and to migrate on-premises applications “as is.”
- High Capacity Connectivity: Point-to-site SSL and site-to-site IPsec VPN options enable up to 100 mobile devices and 1600 site connections to securely connect to a single gateway
- Enhanced Load Balancing: Scalable HTTPS-based load balancing with SSL offloading and log visibility to meet the demands of high web traffic and production workloads
Dedicated Cloud customers will get Dynamic Routing and basic Point-to-site SSL VPN capabilities added to the basic networking services that come included with every VMware vCloud Air Dedicated Cloud. The remaining services will be available through two premium add-on options.
VMware vCloud Air Hybrid Cloud Manager
Completing the hybrid networking story, VMware vCloud Air Hybrid Cloud Manager is a downloadable plug-in for vSphere that offers users a seamless option for customers to extend their on-premises data center into VMware vCloud Air. It is a single point of administration for VMware vCloud Air workloads and offers hybrid networking and bi-directional workload migration capabilities, simplifying on and off-premises resource integration and management of cloud workloads.
With the Hybrid Cloud Manager, VMware vCloud Air customers can utilize:
- Hybrid Management: single-pane-of-glass management and control of VMware vCloud Air workloads through the vSphere web client.
- Enhanced Workload Migration: bi-directional workload portability to and from VMware vCloud Air. Low-downtime, replication-based migration over an encrypted VPN connection or Direct Connect cuts VM downtime to minutes. Downtime is further reduced with software-based acceleration. Migrations can be scheduled for off-peak hours to minimize disruption, and are secured by bleeding-edge Suite-B encryption technology.
- Network Extension: Customers can stretch hundreds of on-premises network segments to a single edge gateway in the cloud through a Layer 2 VPN tunnel, seamlessly extending their on-premises data centers to the cloud and integrating on and off-premises resources. This can be done over the Internet (encrypted) or a Direct Connect, and it makes cloud bursting a reality since workloads can retain their IP and MAC addresses when moved to the cloud. Moreover, customers can start treating their on and off-premises resources as a single resource pool, architecting new hybrid applications that take advantage of the best of both worlds.
Dedicated Cloud customers may freely download the Hybrid Cloud Manager and manage their workloads through the vSphere web client. Enhanced Migration and Network Extension functionality will be available through premium add-on options, and there is no need to have NSX deployed on-premises to use the Hybrid Cloud Manager.
You can learn more about both of these new offerings at VMworld 2015 and even try them out yourself. Check out the breakout sessions and hands on lab below this week:
- Advanced Technical Deep Dive: HBC5201 – Technical Deep Dive on VMware vCloud Air Advanced & Hybrid Networking Services, Powered by VMware NSX
- Technical Deep Dive: HBC4851 – Now this is Hybrid! Hybrid management of VMware and VMware vCloud Air
- Hands on Lab: SPL-HBD-1682: VMware vCloud® Air™ – Networking & Security