Zentera Systems CoIP Platform

Size: px
Start display at page:

Download "Zentera Systems CoIP Platform"

Transcription

1 Application Note Zentera Systems CoIP Platform Traffic Isolation Using CoIP Traffic Isolation is Critical to Network Security An important attribute of any network is that it ensures certain types of traffic are isolated from other traffic in the network. Traffic is defined as the information traveling across a network, including both user data and network-related information. Traffic isolation is the process of dividing a network into smaller sections to improve overall network performance. Isolation provides an additional level of security to network traffic. Providing traffic isolation to secure data, especially in multi-tenant situations, such as datacenters and the public cloud, is a security priority. In on-premise networks, physical devices such as network switches and routers are used to segment networks. These devices keep traffic from flowing between network segments by isolating traffic to appropriate sections of the network. However, with the recent widespread shift in network architectures from physical to virtual, as well as the emergence of SDN and the cloud, providing traffic isolation has become difficult and complex. The Zentera CoIP platform provides a set of overlay networking and security tools that enable setup and isolation of networks that span public and private clouds along with enterprise datacenters. With CoIP, traffic can be isolated and secured within a day, without changes to existing security infrastructure. This application note presents a next-generation isolation solution based on CoIP, starting with how isolation is typically done. The next section outlines how CoIP offers isolation, and the closing section shows how to deploy traffic isolation by using CoIP. Conventional Approaches to Network Isolation Network isolation today is done through VLAN and VXLAN. However, these technologies do not allow for cloud technology as they were not created with the cloud in mind.

2 VLAN Traffic Isolation Traffic isolation was originally done via VLAN by virtualizing the bridging table of an L2 switch so that traffic traveling from one VLAN cannot bleed into another VLAN. However, VLAN offers only 4,000 isolated segments. Figure 1 illustrates a typical VLAN deployment. Figure 1: VLAN Traffic Isolation VXLAN Traffic Isolation VXLAN provides traffic isolation in L2 and is a replacement for VLAN. It overcomes the limitations of VLAN by offering 16 million isolated segments that span across L3 network (IP) boundaries. VXLAN is commonly used in datacenters or private clouds for isolation, datacenter extension, and multi-tenancy, but it is difficult for cloud customers to extend or implement in the public cloud. Furthermore, while VXLAN packets are encapsulated, VXLAN does not offer encryption, which is a key security requirement for many customers. Figure 2 illustrates a typical VXLAN deployment. Figure 2: Typical VXLAN Deployment 2 Zentera Systems All Rights Reserved 2Q2017

3 CoIP Provides Traffic Isolation The CoIP platform is an on-demand virtual overlay network that provides deeply integrated defense-indepth capabilities network isolation, network encryption, micro-segmentation, and application whitelisting. The platform is transport and cloud-agnostic, and can be deployed rapidly without interfering with existing infrastructure or security measures. Key Components CoIP consists of the following components: a centralized controller (zcenter) with deployment automation; CoIP LAN and WAN; and endpoint sensors for virtual machines (VMs), containers, and compute endpoints. APIs are provided to integration partners including industry-leading security providers to extend their offerings (e.g., IPS/IDS solutions) to IaaS clouds such as AWS, Azure, and Google Cloud. Figure 3 illustrates a conceptual multicloud CoIP deployment p- Figure 3: Multicloud CoIP Deployment 3 Zentera Systems All Rights Reserved 2Q2017

4 Isolating Traffic Using CoIP CoIP is a non-interfering, multicloud network security solution that leverages underlying network and security infrastructure via a virtual overlay network. In essence, CoIP decouples the application layer from the underlying network layer. In contrast to VLAN and VXLAN, CoIP operates at L5. Virtual Overlay Enclaves CoIP provides traffic isolation through virtual overlay enclaves, which are network groupings that span across multiple datacenters, public clouds, and private clouds. A virtual enclave is a whitelisted virtual network that connects an isolated group of CoIP endpoints. CoIP endpoints can be VMs, physical servers, or containers. Such an enclave is completely segmented from other enclaves and the underlying networks. Additionally, traffic between endpoints can be encrypted end-to-end for enhanced security. Figure 4 illustrates five types of enclaves including IaaS Cloud, On-Prem, Multicloud, On-Prem- Multicloud, and On-Prem-Cloud. Figure 4: Isolated Virtual Overlay Enclave Types Application Tier Isolation CoIP also provides application tier isolation via micro-segmentation and application interlock. Application interlock is an L7 filtering mechanism where only whitelisted (enterprise-specified) applications are permitted to use the CoIP virtual overlay network. Figure 5 illustrates a three-tier application with isolation between the tiers using CoIP. 4 Zentera Systems All Rights Reserved 2Q2017

5 Figure 5: Three-Tier Isolation on the CoIP Network Deploying Traffic Isolation Using CoIP The CoIP controller is designed to manage multicloud deployments. It can be located in the enterprise datacenter or any private or public cloud (Azure, AWS, etc.). As illustrated in Figure 6, the CoIP Controller provides two levels of enclaves for isolation: project isolation and application profile isolation. Deployment Scenario This deployment scenario focuses on project level isolation. The project consists of a CoIP Controller running on an enterprise datacenter, three compute resources in AWS, a resource in the enterprise datacenter, and two applicationlevel enclaves (managed by the CoIP controller), as shown in Figure 7. All compute resources in this example are running Linux CentOS. Figure 6: CoIP Controller manages multiple projects 5 Zentera Systems All Rights Reserved 2Q2017

6 Figure 7: Service Isolation between Enclaves Enclave Configuration Procedure Step Description 1 Create Cloud Project 2 Create and Activate Enclave (Application Profile) 3 Create Cloud Domain/s 4 Create Server Group/s 5 Create Virtual Networks to Connect Server Groups Enclave configuration via the CoIP controller. Step 1: Create Cloud Project 6 Zentera Systems All Rights Reserved 2Q2017

7 Step 2: Create and activate Enclave (Application Profile) Step 3: Create Cloud Domain/s Step 4: Create Server Group/s 7 Zentera Systems All Rights Reserved 2Q2017

8 Step 5: Create Virtual Networks to connect Server Groups Service Isolation Verification Each enclave in Figure 7 contains two server groups each hosting one virtual machine. Note overlapping CoIP addresses. Enclave 1 VMs can communicate over the CoIP network. Enclave 2 VMs can communicate over CoIP Network. Enclave 1 VM (aws2) connects to The following series of screenshots show service isolation as packets (from aws2) hitting aws1 (same enclave) but not aws3 (uses same CoIP as aws1 but resides in different enclave). aws2 aws1 aws3 8 Zentera Systems All Rights Reserved 2Q2017

9 This verifies that CoIP service isolation prohibits compute resources from communicating across enclaves. In contrast to VXLAN, CoIP provides encryption and can be easily deployed in multicloud environments including public clouds. 9 Zentera Systems All Rights Reserved 2Q2017

Security Considerations for Cloud Readiness

Security Considerations for Cloud Readiness Application Note Zentera Systems CoIP Platform CoIP Defense-in-Depth with Advanced Segmentation Advanced Segmentation is Essential for Defense-in-Depth There is no silver bullet in security a single solution

More information

Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design

Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design White Paper Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design Emerging IT technologies have brought about a shift from IT as a cost center to IT as a business driver.

More information

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack White Paper Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack Introduction Cisco Application Centric Infrastructure (ACI) is a next-generation data center fabric infrastructure

More information

Cross-Site Virtual Network Provisioning in Cloud and Fog Computing

Cross-Site Virtual Network Provisioning in Cloud and Fog Computing This paper was accepted for publication in the IEEE Cloud Computing. The copyright was transferred to IEEE. The final version of the paper will be made available on IEEE Xplore via http://dx.doi.org/10.1109/mcc.2017.28

More information

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking

More information

VXLAN Overview: Cisco Nexus 9000 Series Switches

VXLAN Overview: Cisco Nexus 9000 Series Switches White Paper VXLAN Overview: Cisco Nexus 9000 Series Switches What You Will Learn Traditional network segmentation has been provided by VLANs that are standardized under the IEEE 802.1Q group. VLANs provide

More information

TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS

TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS E-Guide TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS SearchSDN T here is some confusion surrounding as there is no one definition. In this exclusive guide, you ll find ten to help you better understand

More information

Cisco Cloud Application Centric Infrastructure

Cisco Cloud Application Centric Infrastructure Cisco Cloud Application Centric Infrastructure About Cisco cloud application centric infrastructure Cisco Cloud Application Centric Infrastructure (Cisco Cloud ACI) is a comprehensive solution for simplified

More information

Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN

Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN Ariful Huq Product Management @arifulhuq & Rob McBride Marketing @digitalmcb Industry trends impacting networking Cloud Mobile Social 2

More information

2018 Cisco and/or its affiliates. All rights reserved.

2018 Cisco and/or its affiliates. All rights reserved. Beyond Data Center A Journey to self-driving Data Center with Analytics, Intelligent and Assurance Mohamad Imaduddin Systems Engineer Cisco Oct 2018 App is the new Business Developer is the new Customer

More information

21CTL Disaster Recovery, Workload Mobility and Infrastructure as a Service Proposal. By Adeyemi Ademola E. Cloud Engineer

21CTL Disaster Recovery, Workload Mobility and Infrastructure as a Service Proposal. By Adeyemi Ademola E. Cloud Engineer 21CTL Disaster Recovery, Workload Mobility and Infrastructure as a Service Proposal By Adeyemi Ademola E. Cloud Engineer 1 Contents Introduction... 5 1.2 Document Purpose and Scope...5 Service Definition...

More information

WHITE PAPER MICRO-SEGMENTATION. illumio.com

WHITE PAPER MICRO-SEGMENTATION. illumio.com MICRO-SEGMENTATION CONTENTS OVERVIEW Business drivers Current challenges with micro-segmentation The Illumio solution CURRENT APPROACHES TO MICRO-SEGMENTATION IP address rules VLANs Firewall zones Software-defined

More information

Implementing VXLAN. Prerequisites for implementing VXLANs. Information about Implementing VXLAN

Implementing VXLAN. Prerequisites for implementing VXLANs. Information about Implementing VXLAN This module provides conceptual information for VXLAN in general and configuration information for layer 2 VXLAN on Cisco ASR 9000 Series Router. For configuration information of layer 3 VXLAN, see Implementing

More information

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN S O L U T I O N O V E R V I E W SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN Today s branch office users are consuming more wide area network (WAN) bandwidth

More information

Cisco Tetration Analytics Demo. Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH

Cisco Tetration Analytics Demo. Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH Cisco Tetration Analytics Demo Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH Agenda Introduction Theory Demonstration Innovation Through Engineering

More information

Cloud e Datacenter Networking

Cloud e Datacenter Networking Cloud e Datacenter Networking Università degli Studi di Napoli Federico II Dipartimento di Ingegneria Elettrica e delle Tecnologie dell Informazione DIETI Laurea Magistrale in Ingegneria Informatica Prof.

More information

Guide to SDN, SD-WAN, NFV, and VNF

Guide to SDN, SD-WAN, NFV, and VNF Evalu- ation Guide Technical Brief SD-WAN, NFV, and With so many acronyms and each one building on another, it can be confusing about how they work together. This guide describes the difference. 006180206

More information

Cloud e Datacenter Networking

Cloud e Datacenter Networking Cloud e Datacenter Networking Università degli Studi di Napoli Federico II Dipartimento di Ingegneria Elettrica e delle Tecnologie dell Informazione DIETI Laurea Magistrale in Ingegneria Informatica Prof.

More information

IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture

IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture Date: 2017-03-29 Version: 1.0 Copyright IBM Corporation 2017 Page 1 of 16 Table of Contents 1 Introduction... 4 1.1 About

More information

Enterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV.

Enterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV. 2 CHAPTER Cisco's Disaster Recovery as a Service (DRaaS) architecture supports virtual data centers that consist of a collection of geographically-dispersed data center locations. Since data centers are

More information

Table of Contents HOL-PRT-1305

Table of Contents HOL-PRT-1305 Table of Contents Lab Overview... 2 - Abstract... 3 Overview of Cisco Nexus 1000V series Enhanced-VXLAN... 5 vcloud Director Networking and Cisco Nexus 1000V... 7 Solution Architecture... 9 Verify Cisco

More information

Customer Onboarding with VMware NSX L2VPN Service for VMware Cloud Providers

Customer Onboarding with VMware NSX L2VPN Service for VMware Cloud Providers VMware vcloud Network VMware vcloud Architecture Toolkit for Service Providers Customer Onboarding with VMware NSX L2VPN Service for VMware Cloud Providers Version 2.8 August 2017 Harold Simon 2017 VMware,

More information

SUSE Linux Enterprise 15. #MultimodalOS

SUSE Linux Enterprise 15. #MultimodalOS SUSE Linux Enterprise 15 #MultimodalOS SUSE is Redefining What it Means to be Open Open Source Community Customers & Partners Committed to open source Being a leader and contributor within the open source

More information

Dedicated Hosted Cloud with vcloud Director

Dedicated Hosted Cloud with vcloud Director VMware vcloud Architecture Toolkit for Service Providers Dedicated Hosted Cloud with vcloud Director Version 2.9 April 2018 Harold Simon 2017 VMware, Inc. All rights reserved. This product is protected

More information

SD-WAN 101. November 3 rd 2016 Rob McBride Marketing

SD-WAN 101. November 3 rd 2016 Rob McBride Marketing SD-WAN 101 November 3 rd 2016 Rob McBride Marketing Email: rob@viptela.com Twitter: @digitalmcb Industry trends impacting networking Cloud Mobile Social 2 Today s WAN is challenged to keep up Complex Operations

More information

Microsoft Azure for AWS Experts

Microsoft Azure for AWS Experts Microsoft Azure for AWS Experts OD40390B; On-Demand, Video-based Course Description This course provides an in-depth discussion and practical hands-on training of Microsoft Azure Infrastructure Services

More information

AWS Reference Design Document

AWS Reference Design Document AWS Reference Design Document Contents Overview... 1 Amazon Web Services (AWS), Public Cloud and the New Security Challenges... 1 Security at the Speed of DevOps... 2 Securing East-West and North-South

More information

WAN and Cloud Link Analytics for Enterprises

WAN and Cloud Link Analytics for Enterprises Solution brief WAN and Cloud Link Analytics for Enterprises Enterprises rely heavily on cloud and WAN links, but there is little visibility into performance issues for these connections. New and better

More information

SEVONE END USER EXPERIENCE

SEVONE END USER EXPERIENCE Insight for the Connected World End User Experience [ DataSheet ] SEVONE END USER EXPERIENCE INSIGHTS FROM THE USER PERSPECTIVE. Software, applications and services running on the network infrastructure

More information

VMware vshield Edge Design Guide

VMware vshield Edge Design Guide ware Technical WHITE PAPER ware Overview The new virtual datacenter (vdc) infrastructure deployments enable IT to provide on-demand infrastructure services to its customers on a common, shared infrastructure

More information

VXLAN VTEP Gateway with Pica8 and VMware NSX

VXLAN VTEP Gateway with Pica8 and VMware NSX with Pica8 This paper outlines how Pica8 s OS (PicOS) running on a White Box SDN switch is used as a VXLAN Layer 2 Tunnel End Point (VTEP) to interconnect physical and virtual networks by leveraging VMware

More information

Module Day Topic. 1 Definition of Cloud Computing and its Basics

Module Day Topic. 1 Definition of Cloud Computing and its Basics Module Day Topic 1 Definition of Cloud Computing and its Basics 1 2 3 1. How does cloud computing provides on-demand functionality? 2. What is the difference between scalability and elasticity? 3. What

More information

vedge Cloud Datasheet PRODUCT OVERVIEW DEPLOYMENT USE CASES EXTEND VIPTELA OVERLAY INTO PUBLIC CLOUD ENVIRONMENTS

vedge Cloud Datasheet PRODUCT OVERVIEW DEPLOYMENT USE CASES EXTEND VIPTELA OVERLAY INTO PUBLIC CLOUD ENVIRONMENTS vedge Cloud Datasheet PRODUCT OVERVIEW Viptela vedge Cloud is a software router platform that supports entire range of capabilities available on the physical vedge-100, vedge-1000 and vedge-2000 router

More information

Design Guide for Cisco ACI with Avi Vantage

Design Guide for Cisco ACI with Avi Vantage Page 1 of 23 Design Guide for Cisco ACI with Avi Vantage view online Overview Cisco ACI Cisco Application Centric Infrastructure (ACI) is a software defined networking solution offered by Cisco for data

More information

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation) This chapter contains the following sections:, on page 1 Alias API Inspector App Center Alias A changeable name for a given object. While the name of an object, once created, cannot be changed, the Alias

More information

Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework

Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework White Paper Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework August 2015 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.

More information

Lecture 7 Advanced Networking Virtual LAN. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Lecture 7 Advanced Networking Virtual LAN. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Lecture 7 Advanced Networking Virtual LAN Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Advanced Networking Scenario: Data Center Network Single Multiple, interconnected via Internet

More information

Virtual Security Gateway Overview

Virtual Security Gateway Overview This chapter contains the following sections: Information About the Cisco Virtual Security Gateway, page 1 Cisco Virtual Security Gateway Configuration for the Network, page 10 Feature History for Overview,

More information

Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances

Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances The Single-node Trial for VMware vcenter Server on IBM Cloud is a single-tenant hosted private cloud that delivers

More information

SEVONE DATA APPLIANCE FOR EUE

SEVONE DATA APPLIANCE FOR EUE Insight for the Connected World Data Appliance for EUE [ DataSheet ] SEVONE DATA APPLIANCE FOR EUE INSIGHTS FROM THE USER PERSPECTIVE. Software, applications and services running on the network infrastructure

More information

Nuage Networks Product Architecture. White Paper

Nuage Networks Product Architecture. White Paper Nuage Networks Product Architecture White Paper Table of Contents Abstract... 3 Networking from the Application s Perspective... 4 Design Principles... 4 Architecture... 4 Integrating Bare Metal Resources...

More information

Configuring Aviatrix Encryption

Configuring Aviatrix Encryption Configuring Aviatrix Encryption For AWS Direct Connect Azure Express Route Google Cloud Interconnect Last updated: October 9, 2016 Aviatrix Systems, Inc. 4555 Great America Pkwy Santa Clara CA 95054 USA

More information

Title DC Automation: It s a MARVEL!

Title DC Automation: It s a MARVEL! Title DC Automation: It s a MARVEL! Name Nikos D. Anagnostatos Position Network Consultant, Network Solutions Division Classification ISO 27001: Public Data Center Evolution 2 Space Hellas - All Rights

More information

Quick Start Guide v3. Nuage Networks 755 Ravendale Drive Mountain View, CA 94043

Quick Start Guide v3. Nuage Networks 755 Ravendale Drive Mountain View, CA 94043 Quick Start Guide 11.10.2016 v3 Nuage Networks 755 Ravendale Drive Mountain View, CA 94043 Quick Start Guide Nuage Networks experience (Nuage X) 1 Overview This guide is designed to familiarize new users

More information

PassTorrent. Pass your actual test with our latest and valid practice torrent at once

PassTorrent.   Pass your actual test with our latest and valid practice torrent at once PassTorrent http://www.passtorrent.com Pass your actual test with our latest and valid practice torrent at once Exam : 352-011 Title : Cisco Certified Design Expert Practical Exam Vendor : Cisco Version

More information

From Zero Touch Provisioning to Secure Business Intent

From Zero Touch Provisioning to Secure Business Intent From Zero Touch Provisioning to Secure Business Intent Flexible Orchestration with Silver Peak s EdgeConnect SD-WAN Solution From Zero Touch Provisioning to Secure Business Intent Flexible Orchestration

More information

Cisco Nexus 1000V InterCloud

Cisco Nexus 1000V InterCloud Deployment Guide Cisco Nexus 1000V InterCloud Deployment Guide (Draft) June 2013 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 49 Contents

More information

Session objectives and takeaways

Session objectives and takeaways Session objectives and takeaways Objectives Explain SDN Core Concepts Deploy SDN Fabric with SCVMM 2016 Takeaways: Deploying SDN Fabric components with SCVMM requires planning Deploying Tenant Resources

More information

Enabling Efficient and Scalable Zero-Trust Security

Enabling Efficient and Scalable Zero-Trust Security WHITE PAPER Enabling Efficient and Scalable Zero-Trust Security FOR CLOUD DATA CENTERS WITH AGILIO SMARTNICS THE NEED FOR ZERO-TRUST SECURITY The rapid evolution of cloud-based data centers to support

More information

Course Outline. Module 1: Microsoft Azure for AWS Experts Course Overview

Course Outline. Module 1: Microsoft Azure for AWS Experts Course Overview Course Outline Module 1: Microsoft Azure for AWS Experts Course Overview In this module, you will get an overview of Azure services and features including deployment models, subscriptions, account types

More information

40390: Microsoft Azure for AWS Experts

40390: Microsoft Azure for AWS Experts Let s Reach For Excellence! TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC Address: 103 Pasteur, Dist.1, HCMC Tel: 08 38245819; 38239761 Email: traincert@tdt-tanduc.com Website: www.tdt-tanduc.com; www.tanducits.com

More information

Data Center Configuration. 1. Configuring VXLAN

Data Center Configuration. 1. Configuring VXLAN Data Center Configuration 1. 1 1.1 Overview Virtual Extensible Local Area Network (VXLAN) is a virtual Ethernet based on the physical IP (overlay) network. It is a technology that encapsulates layer 2

More information

Network Edge Innovation With Virtual Routing

Network Edge Innovation With Virtual Routing Independent market research and competitive analysis of next-generation business and technology solutions for service providers and vendors Network Edge Innovation With Virtual Routing A Heavy Reading

More information

MPLS vs SDWAN.

MPLS vs SDWAN. MPLS vs SDWAN MPLS MPLS It offers excellent QoS when it comes to avoiding packet loss and keeping a business s most important traffic flowing. This reliability is especially essential to maintain the quality

More information

Data Center Interconnect Solution Overview

Data Center Interconnect Solution Overview CHAPTER 2 The term DCI (Data Center Interconnect) is relevant in all scenarios where different levels of connectivity are required between two or more data center locations in order to provide flexibility

More information

What s New with VMware vcloud Director 8.0

What s New with VMware vcloud Director 8.0 Feature Overview TECHNICAL WHITE PAPER Table of Contents What s New with VMware....3 Support for vsphere 6.0 and NSX 6.1.4....4 VMware vsphere 6.0 Support...4 VMware NSX 6.1.4 Support....4 Organization

More information

Dimension Data IaaS Services. Gary Ramsay

Dimension Data IaaS Services. Gary Ramsay Dimension Data IaaS Services Gary Ramsay 29.08.2017 In a world first, Dimension Data provided real-time data analytics on each of the 198 riders in this year s Tour de France. accelerate your ambition

More information

Trusted Cloud protects your critical data by ensuring that no unauthorised code can run undetected on your critical server infrastructure.

Trusted Cloud protects your critical data by ensuring that no unauthorised code can run undetected on your critical server infrastructure. CyberHive s unique solution uses a combination of hardware-based cryptography and advanced whitelisting to protect servers from all unauthorised activity and malware in a way that conventional solutions

More information

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric

More information

CS-580K/480K Advanced Topics in Cloud Computing. Network Virtualization

CS-580K/480K Advanced Topics in Cloud Computing. Network Virtualization CS-580K/480K Advanced Topics in Cloud Computing Network Virtualization 1 Network Diagram of A Company 2 University Network Topology https://www.researchgate.net/figure/234782590_fig1_fig-5-see-university-network-infrastructure

More information

Cisco Container Platform

Cisco Container Platform Cisco Container Platform Pradnesh Patil Suhail Syed Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click

More information

Cisco ACI Terminology ACI Terminology 2

Cisco ACI Terminology ACI Terminology 2 inology ACI Terminology 2 Revised: May 24, 2018, ACI Terminology Cisco ACI Term Alias API Inspector App Center Application Policy Infrastructure Controller (APIC) Application Profile Atomic Counters Alias

More information

VMWARE ENTERPRISE PKS

VMWARE ENTERPRISE PKS DATASHEET AT A GLANCE VMware Enterprise PKS is a productiongrade Kubernetes-based container solution equipped with advanced networking, a private container registry, and full lifecycle management. VMware

More information

EdgeConnectSP The Premier SD-WAN Solution

EdgeConnectSP The Premier SD-WAN Solution SERVICE PROVIDER EdgeConnectSP The Premier SD-WAN Solution Build High-Performance Managed SD-WAN Services Challenges with Legacy WANs Significant shifts in application and traffic patterns, including the

More information

Cisco Designing the Cisco Cloud (CLDDES) Download Full version :

Cisco Designing the Cisco Cloud (CLDDES) Download Full version : Cisco 300-465 Designing the Cisco Cloud (CLDDES) Download Full version : http://killexams.com/pass4sure/exam-detail/300-465 out from the VM. F. Operates by allocating disk storage space in a flexible manner

More information

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder VMWARE SOLUTIONS AND THE DATACENTER Fredric Linder MORE THAN VSPHERE vsphere vcenter Core vcenter Operations Suite vcenter Operations Management Vmware Cloud vcloud Director Chargeback VMware IT Business

More information

Feature Comparison Summary

Feature Comparison Summary Feature Comparison Summary, and The cloud-ready operating system Thanks to cloud technology, the rate of change is faster than ever before, putting more pressure on IT. Organizations demand increased security,

More information

Cisco Tetration Analytics + Demo. Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH

Cisco Tetration Analytics + Demo. Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH Cisco Tetration Analytics + Demo Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH Agenda Introduction Theory Demonstration Innovation Through Engineering

More information

Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer

Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer Quantum, network services for Openstack Salvatore Orlando sorlando@nicira.com Openstack Quantum core developer Twitter- @taturiello Caveats Quantum is in its teenage years: there are lots of things that

More information

REFERENCE ARCHITECTURE Quantum StorNext and Cloudian HyperStore

REFERENCE ARCHITECTURE Quantum StorNext and Cloudian HyperStore REFERENCE ARCHITECTURE Quantum StorNext and Cloudian HyperStore CLOUDIAN + QUANTUM REFERENCE ARCHITECTURE 1 Table of Contents Introduction to Quantum StorNext 3 Introduction to Cloudian HyperStore 3 Audience

More information

EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER

EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER 2 WHY KUBERNETES? Kubernetes is an open-source container orchestrator for deploying and managing containerized applications. Building on 15 years of experience

More information

Internet Technology. 15. Things we didn t get to talk about. Paul Krzyzanowski. Rutgers University. Spring Paul Krzyzanowski

Internet Technology. 15. Things we didn t get to talk about. Paul Krzyzanowski. Rutgers University. Spring Paul Krzyzanowski Internet Technology 15. Things we didn t get to talk about Paul Krzyzanowski Rutgers University Spring 2016 May 6, 2016 352 2013-2016 Paul Krzyzanowski 1 Load Balancers Load Balancer External network NAT

More information

Workload Mobility and Disaster Recovery to VMware Cloud IaaS Providers

Workload Mobility and Disaster Recovery to VMware Cloud IaaS Providers VMware vcloud Architecture Toolkit for Service Providers Workload Mobility and Disaster Recovery to VMware Cloud IaaS Providers Version 2.9 January 2018 Adrian Roberts 2018 VMware, Inc. All rights reserved.

More information

VMware vrealize Network Insight Arkin Messaging Document

VMware vrealize Network Insight Arkin Messaging Document Key Message Summary Launch Overview Organizations around the world are adopting an SDDC architecture based on VMware s virtualized infrastructure. Enterprise customers see the value of SDDC and SDN, but

More information

Let s say that hosting a cloudbased application is like car ownership

Let s say that hosting a cloudbased application is like car ownership Let s say that hosting a cloudbased application is like car ownership Azure App Service App Service Features & Capabilities All features and capabilities are shared across all of App Service application

More information

Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018

Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018 Running RHV integrated with Cisco ACI JuanLage Principal Engineer - Cisco May 2018 Agenda Why we need SDN on the Data Center What problem are we solving? Introduction to Cisco Application Centric Infrastructure

More information

Red Hat OpenStack Platform 10 Red Hat OpenDaylight Product Guide

Red Hat OpenStack Platform 10 Red Hat OpenDaylight Product Guide Red Hat OpenStack Platform 10 Red Hat OpenDaylight Product Guide Overview of Red Hat OpenDaylight OpenStack Team Red Hat OpenStack Platform 10 Red Hat OpenDaylight Product Guide Overview of Red Hat OpenDaylight

More information

Hybrid Cloud Solutions

Hybrid Cloud Solutions Hybrid Cloud Solutions with Cisco and Microsoft Innovation Rob Tappenden, Technical Solution Architect rtappend@cisco.com March 2016 Today s industry and business challenges Industry Evolution & Data Centres

More information

Cisco Application Policy Infrastructure Controller Data Center Policy Model

Cisco Application Policy Infrastructure Controller Data Center Policy Model White Paper Cisco Application Policy Infrastructure Controller Data Center Policy Model This paper examines the Cisco Application Centric Infrastructure (ACI) approach to modeling business applications

More information

<Placeholder cover we will adjust> Microsoft Azure Stack Licensing Guide (end customers)

<Placeholder cover we will adjust> Microsoft Azure Stack Licensing Guide (end customers) Microsoft Azure Stack Licensing Guide (end customers) August 2017 Introduction This licensing guide is for people who would like to gain a basic understanding of how

More information

What is Dell EMC Cloud for Microsoft Azure Stack?

What is Dell EMC Cloud for Microsoft Azure Stack? What is Dell EMC Cloud for Microsoft Azure Stack? Karsten Bott @azurestack_guy Advisory Cloud Platform Specialist AzureStack GLOBAL SPONSORS Why Hybrid Cloud? The New Digital Customer Rising and continuously

More information

Hedvig as backup target for Veeam

Hedvig as backup target for Veeam Hedvig as backup target for Veeam Solution Whitepaper Version 1.0 April 2018 Table of contents Executive overview... 3 Introduction... 3 Solution components... 4 Hedvig... 4 Hedvig Virtual Disk (vdisk)...

More information

Unity EdgeConnect SP SD-WAN Solution

Unity EdgeConnect SP SD-WAN Solution As cloud-based application adoption continues to accelerate, geographically distributed enterprises increasingly view the wide area network (WAN) as critical to connecting users to applications. As enterprise

More information

MASERGY S MANAGED SD-WAN

MASERGY S MANAGED SD-WAN MASERGY S MANAGED New Performance Options for Hybrid Networks Business Challenges WAN Ecosystem Features and Benefits Use Cases INTRODUCTION Organizations are leveraging technology to transform the way

More information

NETWORK OVERLAYS: AN INTRODUCTION

NETWORK OVERLAYS: AN INTRODUCTION NETWORK OVERLAYS: AN INTRODUCTION Network overlays dramatically increase the number of virtual subnets that can be created on a physical network, which in turn supports multitenancy and virtualization

More information

Overcoming Business Challenges in WAN infrastructure

Overcoming Business Challenges in WAN infrastructure White paper Overcoming Business Challenges in WAN infrastructure A CIO s perspective on network infrastructure The Cisco SD-WAN solution is a cloud-delivered overlay WAN architecture that enables digital

More information

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual

More information

Sentinet for Windows Azure VERSION 2.2

Sentinet for Windows Azure VERSION 2.2 Sentinet for Windows Azure VERSION 2.2 Sentinet for Windows Azure 1 Contents Introduction... 2 Customer Benefits... 2 Deployment Topologies... 3 Isolated Deployment Model... 3 Collocated Deployment Model...

More information

VMWARE PKS. What is VMware PKS? VMware PKS Architecture DATASHEET

VMWARE PKS. What is VMware PKS? VMware PKS Architecture DATASHEET DATASHEET VMWARE PKS AT A GLANCE VMware PKS is a production-grade Kubernetes-based container solution equipped with advanced networking, a private container registry, and full lifecycle management. VMware

More information

VMware Hybrid Cloud Solution

VMware Hybrid Cloud Solution VMware Hybrid Cloud Solution Simplifying and Accelerating Your Multi-Cloud Strategy Bunyamin Ozyasar System Engineer Manager 2017 VMware Inc. All rights reserved. Today s Agenda 1 2 3 VMware SDDC Approach

More information

McAfee Public Cloud Server Security Suite

McAfee Public Cloud Server Security Suite McAfee Public Cloud Server Security Suite Comprehensive security for AWS and Azure cloud workloads As enterprises shift their data center strategy to include and often lead with public cloud server instances,

More information

The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization

The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization May 2014 Prepared by: Zeus Kerravala The Top Five Reasons to Deploy Software-Defined Networks and Network Functions

More information

Introduction To Cloud Computing

Introduction To Cloud Computing Introduction To Cloud Computing What is Cloud Computing? Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g.,

More information

PUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS

PUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS PUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS Jane R. Circle Manager, Red Hat Global Cloud Provider Program and Cloud Access Program June 28, 2016 WHAT WE'LL DISCUSS TODAY Hybrid clouds and multi-cloud

More information

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION

More information

Windows Server The operating system

Windows Server The operating system Windows Server 2019 The operating system that bridges onpremises and cloud By maximizing technology and infrastructure investments with Windows Server 2019, forward-facing businesses can capture direct

More information

INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2

INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2 Table of Contents INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2 LISP MOBILITY MODES OF OPERATION/CONSUMPTION SCENARIOS 3 LISP SINGLE HOP SCENARIO 3 LISP MULTI- HOP SCENARIO 3 LISP IGP ASSIT MODE 4 LISP INTEGRATION

More information

Principles of Application Centric Infrastructure

Principles of Application Centric Infrastructure White Paper Principles of Application Centric Infrastructure What You Will Learn One of the main innovations in application centric infrastructure (ACI) is the introduction of a highly abstracted interface

More information

<Placeholder cover we will adjust> Microsoft Azure Stack Licensing Guide (Hosters and service providers)

<Placeholder cover we will adjust> Microsoft Azure Stack Licensing Guide (Hosters and service providers) Microsoft Azure Stack Licensing Guide (Hosters and service providers) Introduction This licensing guide is for people who would like to gain a basic understanding of

More information

State of Cloud Adoption. Cloud usage is over 90%, are you ready?

State of Cloud Adoption. Cloud usage is over 90%, are you ready? State of Cloud Adoption Cloud usage is over 90%, are you ready? State of Cloud Adoption Cloud hardware, software and services are capturing 60% of IT market growth, mostly in the public cloud space Trust

More information