Cisco Virtual Security Gateway (VSG) Mohammad Salaheldin
Size: px
Start display at page:

Download "Cisco Virtual Security Gateway (VSG) Mohammad Salaheldin"

Transcription

1 Cisco Virtual Security Gateway (VSG) Mohammad Salaheldin

2 Virtual Security Gateway (VSG) Overview VSG Packet Flow VSG Policy Model Use Case Example ASA on 1000V Summary 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 2

3 1. vmotion moves s across physical ports the network policy must follow vmotion Port Group 2. Must view or apply network/ security policy to locally switched traffic Server Admin 3. Need to maintain segregation of duties while ensuring non-disruptive operations Security Admin Network Admin 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 3

4 Virtual Security Gateway (VSG) Context Aware Security Zone-Based Control Dynamic, Agile context aware rules Establish zones of trust Policies follow vmotion Best-in-Class Architecture Efficient, fast, scale-out SW Virtual Network Management Center (VNMC) Non-Disruptive Operations Policy Based Administration Designed for Automation Security team manages security Central mgmt, scalable deployment, multi-tenancy XML API, security profiles 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 4

5 Deployment granularity depending on use case Tenant, VDC, vapp Multi-instance deployment provides horizontal scale-out Virtual Network Management Center Tenant A Tenant B VDC-1 VDC-2 vapp vapp vpath Nexus 1000V vsphere 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 5

6 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC Nexus 1000V Distributed Virtual Switch vpath VSG 1 Initial Packet Flow Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 6

7 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC Nexus 1000V Distributed Virtual Switch vpath VSG 1 Initial Packet Flow 2 Flow Access Control (policy evaluation) Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 7

8 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC Nexus 1000V Distributed Virtual Switch vpath Decision Caching 3 VSG 1 Initial Packet Flow 2 Flow Access Control (policy evaluation) Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 8

9 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC 4 Nexus 1000V Distributed Virtual Switch vpath Decision Caching 3 VSG 1 Initial Packet Flow 2 Flow Access Control (policy evaluation) Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 9

10 VNMC Nexus 1000V Distributed Virtual Switch vpath ACL offloaded to Nexus 1000V (policy enforcement) VSG Remaining packets from flow Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 10

11 Ware vcenter Attributes Virtual Network Management Center (VNMC) -to-ip Binding Security Profiles Device Profiles attributes VSM VSM VSN VSG Port Profiles Interactions Packets (Slow-Path) Packets (Fast-Path) vpath Nexus 1000V ESX Servers Packets (Fast-Path) 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 11

12 VSG Security Policy Model

13 Security Profile Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 13

14 Security Profile Policy Set Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 14

15 Security Profile Policy Set Policy 1 Rule 1 Rule 2 Rule N Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 15

16 Security Profile Policy Set Policy 1 Policy 2 Policy N Rule 1 Rule 1 Rule 1 Rule 2 Rule 2 Rule 2 Rule N Rule N Rule N Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 16

17 Security Profile Policy Set Policy 1 Policy 2 Policy N Rule 1 Rule 1 Rule 1 Rule 2 Rule 2 Rule 2 Rule N Rule N Rule N Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 17

18 Rule Source Condition Destination Condition Action 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 18

19 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 19

20 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone New Attributes Name Guest OS full name Resource Pool Parent App Name Port Profile Name Cluster Name DNS Name Network Attributes IP Address Network Port Hypervisor Name 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 20

21 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone Attributes Name Guest OS full name Resource Pool Network Attributes IP Address Network Port Operator eq neq Operator member Not-member Parent App Name gt Contains Port Profile Name lt Cluster Name range DNS Name Not-in-range Hypervisor Name Prefix 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 21

22 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone New Attributes Network Attributes Instance Name IP Address Guest OS full name Network Port Zone Name Parent App Name Port Profile Name Cluster Name Hypervisor Name Operator Operator eq member neq Not-member gt Contains lt range Not-in-range Prefix 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 22

23 VSG Use Cases

24 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 24

25 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 25

26 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 26

27 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 27

28 Database Servers DMZ Servers Exchange Servers Application Servers Training Servers R&D Servers If vm-name contains TRNG, that belongs to TRNG zone Source Destination Protocol Action Zone=TRNG Zone=TRNG Any Permit Any Zone=TRNG Any Permit Zone=TRNG Any Any Drop 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 28

29 Web Client Permit Only Port 80(HTTP) of Web Servers Permit Only Port 22 (SSH) to Application Servers Block All External Access to Database Servers Web-Zone Web" Server" Web" Server" Application-Zone App" Server" App" Server" Database-Zone DB" Server" DB" Server" Only Permit Web Servers Access to Application Servers Only Permit Application Servers Access to Database Servers 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 29

30 Virtual ASA1000v

31 Proven Cisco Security Virtualized Physical virtual consistency vcenter Virtual Network Management Center (VNMC) Collaborative Security Model VSG for intra-tenant secure zones Virtual ASA for tenant edge controls Seamless Integration With Nexus 1000V & vpath Scales with Cloud Demand Multi-instance deployment for horizontal scale-out deployment vsphere Tenant A Virtual ASA Tenant B VDC VDC vapp VSG VSG VSG vapp VSG Virtual ASA vpath Nexus 1000V 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 31

32 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 32

33 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath VSG Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 33

34 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath (policy evaluation) VSG 3 Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 34

35 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath (policy evaluation) 4 VSG 3 Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 35

36 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath (policy evaluation) 4 VSG 5 3 Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 36

37 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath VSG Nexus 1000V Distributed Virtual Switch vpath 3 ASA 1 Rest of the flow 2 ASA in line (policy downloaded) 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 37

38 NAT IPSec VPN (Site-to-Site) Default Gateway DHCP Static Routing Stateful Protocol IP Audit Role based separation Consistent ASA feature set Intelligent traffic steering via vpath Strategic Partnership with Ware Not just an ASA Part of a solution which benefits from vpath 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 38

39 Cisco N1KV (vpath) is leveraged by VSG and vasa for deployment VSG is NOT required to installed on every physical host VSG provides a High Availability solution to protect multiple ESX hosts Supports a Multitenant Environment Non-Disruptive Administration Model - Security team manages Security Polices VNMC VSG vpath Nexus 1000V Hypervisor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 39

40 Thank you Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 40

Similar documents

Nevrijeme u oblacima i kako se zaštititi

Nevrijeme u oblacima i kako se zaštititi Nevrijeme u oblacima i kako se zaštititi Goran Peteh Enterprise Systems Engineer Zagreb, 0.2.20. Agenda Internet trends MorganStanley Identity-aware infrastructure Physical and virtual security Cumulus

More information

Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC)

Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC) Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC) Dedi Shindler - Sr. Manager Product Management Cloud System Management Technology Group Cisco Agenda Trends Influencing

More information

Network Services in Virtualized Data Center

Network Services in Virtualized Data Center Network Services in Virtualized Data Center Tomáš Michaeli Consulting Systems Engineer, DCV Central / Czech republic 21 Mar 2012 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Almost

More information

Cisco Virtual Networking Solution Nexus 1000v and Virtual Services. Abhishek Mande Engineer

Cisco Virtual Networking Solution Nexus 1000v and Virtual Services. Abhishek Mande Engineer Cisco Virtual Networking Solution Nexus 1000v and Virtual Services Abhishek Mande Engineer mailme@cisco.com Agenda Application requirements in virtualized DC The Anatomy of Nexus 1000V Virtual Services

More information

Virtuální firewall v ukázkách a příkladech

Virtuální firewall v ukázkách a příkladech Praha, hotel Clarion 10. 11. dubna 2013 Virtuální firewall v ukázkách a příkladech T-SEC3 / L2 Tomáš Michaeli Cisco 2013 2011 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Agenda VXLAN

More information

Cisco Virtual Security Gateway Deployment Guide VSG 1.4

Cisco Virtual Security Gateway Deployment Guide VSG 1.4 Deployment Guide Cisco Virtual Security Gateway Deployment Guide VSG 1.4 Deployment Guide 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 33

More information

Virtual Security Gateway Overview

Virtual Security Gateway Overview This chapter contains the following sections: Information About the Cisco Virtual Security Gateway, page 1 Cisco Virtual Security Gateway Configuration for the Network, page 10 Feature History for Overview,

More information

Deploying the Cisco ASA 1000V

Deploying the Cisco ASA 1000V CHAPTER 2 This chapter includes the following sections: Information About the ASA 1000V Deployment, page 2-1 Downloading the ASA 1000V OVA File, page 2-7 Deploying the ASA 1000V Using the VMware vsphere

More information

Securing Containers Using a PNSC and a Cisco VSG

Securing Containers Using a PNSC and a Cisco VSG Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 4 About

More information

Securing Containers Using a PNSC and a Cisco VSG

Securing Containers Using a PNSC and a Cisco VSG Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 3 About

More information

Segmentation. Threat Defense. Visibility

Segmentation. Threat Defense. Visibility Segmentation Threat Defense Visibility Establish boundaries: network, compute, virtual Enforce policy by functions, devices, organizations, compliance Control and prevent unauthorized access to networks,

More information

Cisco Nexus 1000V Switch for Microsoft Hyper-V

Cisco Nexus 1000V Switch for Microsoft Hyper-V Q&A Cisco Nexus 1000V Switch for Microsoft Hyper-V Overview Q. What are Cisco Nexus 1000V Switches? A. Cisco Nexus 1000V Switches provide a comprehensive and extensible architectural platform for virtual

More information

Data Center Virtualization Setting the Foundation. Ed Bugnion VP/CTO, Cisco Server, Access and Virtualization Technology Group

Data Center Virtualization Setting the Foundation. Ed Bugnion VP/CTO, Cisco Server, Access and Virtualization Technology Group Data Center Virtualization Setting the Foundation Ed Bugnion VP/CTO, Cisco Server, Access and Virtualization Technology Group I Fought the Law, and the Law Won Sonny Curtis and the Crickets Moore s Law

More information

Cisco Virtual Security Gateway, Rel. 4.2(1)VSG1(3.1) and Cisco Virtual Network Management Center, Rel. 1.3 Installation and Upgrade Guide

Cisco Virtual Security Gateway, Rel. 4.2(1)VSG1(3.1) and Cisco Virtual Network Management Center, Rel. 1.3 Installation and Upgrade Guide Cisco Virtual Security Gateway, Rel. 4.2(1)VSG1(3.1) and Cisco Virtual Network Management Center, Rel. 1.3 Installation and Upgrade Guide February 16, 2012 Americas Headquarters Cisco Systems, Inc. 170

More information

HW virtualizace a podpora hypervizorů různých výrobců

HW virtualizace a podpora hypervizorů různých výrobců Cisco Expo 2012 HW virtualizace a podpora hypervizorů různých výrobců René Raeber Datacenter Architect IEEE 802.1DCB Architect Cisco Expo 2012 Cisco and/or its affiliates. All rights reserved. 1 Twitter

More information

Cisco Nexus 1000V Series Switches

Cisco Nexus 1000V Series Switches Cisco Nexus 1000V Series Switches Product Overview Cisco Nexus 1000V Series Switches are virtual machine access switches that are an intelligent software switch implementation for VMware vsphere environments

More information

Table of Contents HOL-PRT-1305

Table of Contents HOL-PRT-1305 Table of Contents Lab Overview... 2 - Abstract... 3 Overview of Cisco Nexus 1000V series Enhanced-VXLAN... 5 vcloud Director Networking and Cisco Nexus 1000V... 7 Solution Architecture... 9 Verify Cisco

More information

vshield Administration Guide

vshield Administration Guide vshield Manager 5.1 vshield App 5.1 vshield Edge 5.1 vshield Endpoint 5.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Cisco Nexus 1000V Series Switches

Cisco Nexus 1000V Series Switches Data Sheet Cisco Nexus 1000V Series Switches Product Overview Cisco Nexus 1000V Series Switches provide a comprehensive and extensible architectural platform for virtual machine and cloud networking. The

More information

QUICK START GUIDE Cisco Virtual Network Management Center 2.0 Quick Start Guide

QUICK START GUIDE Cisco Virtual Network Management Center 2.0 Quick Start Guide QUICK START GUIDE Cisco Virtual Network Management Center 2.0 Quick Start Guide 1 Preface 2 Installation Prerequisites 3 Installing VNMC 4 Configuring VNMC 5 Troubleshooting VNMC Installation and Configuration

More information

Cisco Virtual Network Management Center GUI Configuration Guide, Release 1.3

Cisco Virtual Network Management Center GUI Configuration Guide, Release 1.3 Cisco Virtual Network Management Center GUI Configuration Guide, Release 1.3 First Published: January 31, 2012 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA

More information

Cisco Prime Network Services Controller 3.0 CLI Configuration Guide

Cisco Prime Network Services Controller 3.0 CLI Configuration Guide Cisco Prime Network Services Controller 3.0 Configuration Guide January 29 2014 Chapter 1 Overview... 4 Information About Prime Network Services Controller... 4 Information About the Prime Network Services

More information

Nexus 1000V in Context of SDN. Martin Divis, CSE,

Nexus 1000V in Context of SDN. Martin Divis, CSE, Nexus 1000V in Context of SDN Martin Divis, CSE, mdivis@cisco.com Why Cisco Nexus 1000V Losing the Edge Server Admin Host Host Host Host Server Admin manages virtual switching! vswitch vswitch vswitch

More information

Cisco Nexus 1000V for Microsoft Hyper-V: Expanding the Virtual Edge

Cisco Nexus 1000V for Microsoft Hyper-V: Expanding the Virtual Edge Cisco Nexus 1000V for Microsoft Hyper-V: Expanding the Virtual Edge Appaji Malla Sr. Product Manager Cisco Cloud Networking Services Division Agenda Cisco s Virtual Networking Vision Cisco Nexus 1000V

More information

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers Speaker: Mun Hossain Director of Product Management - Security Business Group Cisco Twitter: @CiscoDCSecurity 2 Any

More information

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme SAI2803BU The Road to Micro- Segmentation with VMware NSX #VMworld #SAI2803BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology

More information

Cisco Prime Network Services Controller 3.0 User Guide

Cisco Prime Network Services Controller 3.0 User Guide Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-28179-01 Cisco

More information

Cisco Nexus 1000V InterCloud based Hybrid Cloud Architectures and Approaches

Cisco Nexus 1000V InterCloud based Hybrid Cloud Architectures and Approaches Cisco Nexus 1000V InterCloud based Hybrid Cloud Architectures and Approaches Kapil Bakshi Solutions Architect Session Details - Session Title: Cisco Nexus 1000V InterCloud-based Hybrid Cloud Architectures

More information

vshield Quick Start Guide

vshield Quick Start Guide vshield Manager 4.1.0 Update 1 vshield Zones 4.1.0 Update 1 vshield Edge 1.0.0 Update 1 vshield App 1.0.0 Update 1 vshield Endpoint 1.0.0 Update 1 This document supports the version of each product listed

More information

Cisco HyperFlex Systems

Cisco HyperFlex Systems White Paper Cisco HyperFlex Systems Converting to Cisco Nexus 1000V Distributed Switches for Cisco HyperFlex Virtual Machine Guest and VMware vmotion Networks Author: Hui Chen October 2016 2016 Cisco and/or

More information

The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec

The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec James Edwards Product Marketing Manager Dan Watson Senior Systems Engineer Disclaimer This session may contain product

More information

Solution Brief: VMware vcloud Director and Cisco Nexus 1000V

Solution Brief: VMware vcloud Director and Cisco Nexus 1000V Solution Brief: VMware vcloud Director and Cisco Nexus 1000V Executive Summary Agility, flexibility, elasticity and reliability are requirements for the virtualized data center and for private and public

More information

Borderless Networks. Tom Schepers, Director Systems Engineering

Borderless Networks. Tom Schepers, Director Systems Engineering Borderless Networks Tom Schepers, Director Systems Engineering Agenda Introducing Enterprise Network Architecture Unified Access Cloud Intelligent Network & Unified Services Enterprise Networks in Action

More information

Creating Application Containers

Creating Application Containers This chapter contains the following sections: General Application Container Creation Process, page 1 Creating Application Container Policies, page 2 About Application Container Templates, page 5 Creating

More information

vcloud Air - Virtual Private Cloud OnDemand Networking Guide

vcloud Air - Virtual Private Cloud OnDemand Networking Guide vcloud Air - Virtual Private Cloud OnDemand Networking Guide vcloud Air This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Hybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud

Hybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud Hybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud Usha Ramachandran, Technical Marketing Engineer Session Abstract In this session, participants will learn how to create hybrid

More information

Q&As DCID Designing Cisco Data Center Infrastructure

Q&As DCID Designing Cisco Data Center Infrastructure CertBus.com 300-160 Q&As DCID Designing Cisco Data Center Infrastructure Pass Cisco 300-160 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee

More information

Attribute-Based Access Control

Attribute-Based Access Control Attributes are customized network objects for use in your configuration. You can define and use them in Cisco ASA configurations to filter traffic associated with one or more virtual machines in an VMware

More information

Creating Application Containers

Creating Application Containers This chapter contains the following sections: General Application Container Creation Process, page 1 Creating Application Container Policies, page 3 About Application Container Templates, page 5 Creating

More information

Data Center 3.0 Technology Evolution. Session ID 20PT

Data Center 3.0 Technology Evolution. Session ID 20PT Data Center 3.0 Technology Evolution Session ID 20PT Session Goal The focus of this seminar is on the latest technologies some of which can already be used in today's deployments and some that will become

More information

Agenda Registration & Coffee

Agenda Registration & Coffee Agenda 09.15 Registration & Coffee 09:45 Welcome & Overview - Paul D'Cruz Data Centre Systems Engineering Manager 10:00 Unified Fabric - Virtualising the Network and Storage Domain - Gordon Hirst DC CSE

More information

Test - Accredited Configuration Engineer (ACE) Exam - PAN-OS 6.0 Version

Test - Accredited Configuration Engineer (ACE) Exam - PAN-OS 6.0 Version Test - Accredited Configuration Engineer (ACE) Exam - PAN-OS 6.0 Version ACE Exam Question 1 of 50. Traffic going to a public IP address is being translated by your Palo Alto Networks firewall to your

More information

VMware vsphere 4.0 The best platform for building cloud infrastructures

VMware vsphere 4.0 The best platform for building cloud infrastructures VMware vsphere 4.0 The best platform for building cloud infrastructures VMware Intelligence Community Team Rob Amos - Intelligence Programs Manager ramos@vmware.com (703) 209-6480 Harold Hinson - Intelligence

More information

Service Oriented Virtual DC Design

Service Oriented Virtual DC Design Dubrovnik, Croatia, South East Europe 20-22 May, 2013 Service Oriented Virtual DC Design Višnja Milovanović Consulting Systems Engineer Data Center & Virtualization 2011 2012 Cisco and/or its affiliates.

More information

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack White Paper Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack Introduction Cisco Application Centric Infrastructure (ACI) is a next-generation data center fabric infrastructure

More information

Designing Cisco Data Center Unified Computing

Designing Cisco Data Center Unified Computing Designing Cisco Data Center Unified Computing Number: 642-998 Passing Score: 800 Time Limit: 120 min File Version: 1.1 http://www.gratisexam.com/ Sections 1. Drag and Drop 2. Questions 3. Hot Spot CISCO

More information

Managing ReadyClones

Managing ReadyClones HX Data Platform ReadyClones Overview, on page 1 Benefits of HX Data Platform ReadyClones, on page 1 Supported Base VMs, on page 2 ReadyClone Requirements, on page 2 ReadyClone Best Practices, on page

More information

The Nexus 1000V on Microsoft Hyper-V: Expanding the Virtual Edge

The Nexus 1000V on Microsoft Hyper-V: Expanding the Virtual Edge The Nexus 1000V on Microsoft Hyper-V: Expanding the Virtual Edge 2 Agenda Cisco s Virtual Networking Vision Cisco Nexus 1000V Portfolio Overview Recent Pricing Changes Architectural Overview Services Architecture

More information

Architecting Scalable Clouds using VXLAN and Nexus 1000V

Architecting Scalable Clouds using VXLAN and Nexus 1000V Architecting Scalable Clouds using VXLAN and Nexus 1000V Lawrence Kreeger Principal Engineer Agenda Session Is Broken Into 3 Main Parts Part 1: VXLAN Overview What is a VXLAN? Why VXLANs? What is VMware

More information

Service Insertion with ACI using F5 iworkflow

Service Insertion with ACI using F5 iworkflow Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models

More information

What s New with VMware vcloud Director 8.0

What s New with VMware vcloud Director 8.0 Feature Overview TECHNICAL WHITE PAPER Table of Contents What s New with VMware....3 Support for vsphere 6.0 and NSX 6.1.4....4 VMware vsphere 6.0 Support...4 VMware NSX 6.1.4 Support....4 Organization

More information

Cisco Nexus 1000V InterCloud

Cisco Nexus 1000V InterCloud Deployment Guide Cisco Nexus 1000V InterCloud Deployment Guide (Draft) June 2013 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 49 Contents

More information

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Agenda Joint Cisco and Microsoft Integration Efforts Introduction to CCA-MCP What is a Pattern?

More information

Security for shared infrastructure in Cisco ONE Enterprise Cloud Suite BRKPCA-2040

Security for shared infrastructure in Cisco ONE Enterprise Cloud Suite BRKPCA-2040 Security for shared infrastructure in Cisco ONE Enterprise Cloud Suite Roxana Diaz TSA, CCIE BRKPCA-2040 @roxadiaz2 Agenda Introduction Cisco VACS Overview VACS Configuration Security Use-cases Customers

More information

Product Release 6.4 VMware Installation

Product Release 6.4 VMware Installation Product Release 6.4 VMware Installation Document Revision 1.00 2014 Catbird Networks. All Rights Reserved. This document and product is protected by US and international copyright and intellectual property

More information

Installing and Configuring vcloud Connector

Installing and Configuring vcloud Connector Installing and Configuring vcloud Connector vcloud Connector 2.6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

Architecting Tenant Networking with VMware NSX in VMware vcloud Director

Architecting Tenant Networking with VMware NSX in VMware vcloud Director VMware vcloud Architecture Toolkit for Service Providers Architecting Tenant Networking with VMware NSX in VMware vcloud Director Version 2.9 January 2018 Steve Dockar 2018 VMware, Inc. All rights reserved.

More information

Next Generation Data Centers Networks Consolidation and Virtualization

Next Generation Data Centers Networks Consolidation and Virtualization Next Generation Data Centers Networks Consolidation and Virtualization Samuel TAYLOR Directeur Technique Channel - WCA samtaylo@cisco.com 1 70 % of CIOs would increase spending on virtualization even if

More information

Cisco Application Centric Infrastructure Roadshow. Wednesday, 2. April 14

Cisco Application Centric Infrastructure Roadshow. Wednesday, 2. April 14 Cisco Application Centric Infrastructure Roadshow Wednesday, 2. April 14 Cisco ACI Roadshow - Agenda Business and IT trends Cisco Open Network Environment (ONE) Lunch Cisco Application Centric Infrastructure

More information

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation) This chapter contains the following sections:, on page 1 Alias API Inspector App Center Alias A changeable name for a given object. While the name of an object, once created, cannot be changed, the Alias

More information

Cisco Exam. Volume: 223 Questions. Question No: 1 Which three commands can be used to harden a switch? (Choose three.)

Cisco Exam. Volume: 223 Questions. Question No: 1 Which three commands can be used to harden a switch? (Choose three.) Volume: 223 Questions Question No: 1 Which three commands can be used to harden a switch? (Choose three.) A. switch(config-if)# spanning-tree bpdufilter enable B. switch(config)# ip dhcp snooping C. switch(config)#

More information

Storage Considerations for VMware vcloud Director. VMware vcloud Director Version 1.0

Storage Considerations for VMware vcloud Director. VMware vcloud Director Version 1.0 Storage Considerations for VMware vcloud Director Version 1.0 T e c h n i c a l W H I T E P A P E R Introduction VMware vcloud Director is a new solution that addresses the challenge of rapidly provisioning

More information

Cisco Virtual Application Container Services 2.0 Lab v1

Cisco Virtual Application Container Services 2.0 Lab v1 Cisco Virtual Application Container Services 2.0 Lab v1 Last Updated: 02-SEP-2015 About This Solution Cisco Virtual Application Container Services (VACS) enables simplified deployment of Secure Application

More information

Configuring Administrative Operations

Configuring Administrative Operations This section includes the following topics: Administrative Operation Conventions, page 1 Managing Backup Operations, page 1 Restoring a Backup Configuration, page 6 Managing Export Operations, page 10

More information

Test Accredited Configuration Engineer (ACE) Exam PAN OS 6.0 Version

Test Accredited Configuration Engineer (ACE) Exam PAN OS 6.0 Version Test Accredited Configuration Engineer (ACE) Exam PAN OS 6.0 Version ACE Exam Question 1 of 50. Which of the following statements is NOT True regarding a Decryption Mirror interface? Supports SSL outbound

More information

Cloud Computing the VMware Perspective. Bogomil Balkansky Product Marketing

Cloud Computing the VMware Perspective. Bogomil Balkansky Product Marketing Cloud Computing the VMware Perspective Bogomil Balkansky Product Marketing Cloud Computing - the Key Questions What is it? Why do you need it? How do you build (or leverage) one (or many)? How do you operate

More information

Data Center Security. Fuat KILIÇ Consulting Systems

Data Center Security. Fuat KILIÇ Consulting Systems Data Center Security Fuat KILIÇ Consulting Systems Engineer @Security Data Center Evolution WHERE ARE YOU NOW? WHERE DO YOU WANT TO BE? Traditional Data Center Virtualized Data Center (VDC) Virtualized

More information

Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud

Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud 2 Orchestrate the Cloud Infrastructure Business Drivers for Cloud Long Provisioning Times for New Services o o o Lack

More information

Building a Big IaaS Cloud. David /

Building a Big IaaS Cloud. David / Building a Big IaaS Cloud David Nalley @ke4qqq ke4qqq@apache.org / david@gnsa.us #whoami Recovering Sysadmin F/LOSS contributor Committer on Apache CloudStack Assumptions You have a need for an IaaS compute

More information

Integration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit

Integration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit Integration of Hypervisors and L4-7 Services into an ACI Fabric Azeem Suleman, Principal Engineer, Insieme Business Unit Agenda Introduction to ACI Review of ACI Policy Model Hypervisor Integration Layer

More information

VMware vcloud Networking and Security Overview

VMware vcloud Networking and Security Overview VMware vcloud Networking and Security Overview Efficient, Agile and Extensible Software-Defined Networks and Security WHITE PAPER Overview Organizations worldwide have gained significant efficiency and

More information

VMware vcloud Director for Service Providers

VMware vcloud Director for Service Providers Architecture Overview TECHNICAL WHITE PAPER Table of Contents Scope of Document....3 About VMware vcloud Director....3 Platform for Infrastructure Cloud...3 Architecture Overview....3 Constructs of vcloud

More information

Introducing the Cisco VNMC XML API

Introducing the Cisco VNMC XML API CHAPTER 1 The following sections provide general information about Cisco Virtual Network Management Center (VNMC) and the XML application programming interface (API): Overview of VNMC and XML APIs, page

More information

ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS.

ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS. ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS. Ionka Gancheva, PhD student 45 Abstract: The article contains an analysis of virtual networks and technologies that are used at data centers nowadays. Many

More information

Security and Virtualisation in the Data Centre

Security and Virtualisation in the Data Centre Security and Virtualisation in the Data Centre Greg Gibbs Network Consulting Engineer CCIE #19084 Abstract The evolving complexity of the data centre is placing increased demand on the network and security

More information

Oracle E-Business Suite 11i with Cisco ACE Series Application Control Engine Deployment Guide, Version 1.0

Oracle E-Business Suite 11i with Cisco ACE Series Application Control Engine Deployment Guide, Version 1.0 Design Guide Oracle E-Business Suite 11i with Cisco ACE Series Application Control Engine Deployment Guide, Version 1.0 This design guide describes how to deploy the Cisco Application Control Engine (Cisco

More information

Network Virtualization

Network Virtualization Network Virtualization Petr Grygárek 1 Traditional Virtualization Techniques Network Virtualization Implementation of separate logical network environments (Virtual Networks, VNs) for multiple groups on

More information

Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade

Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade fkoelmel@broc 10/28/2013 2 2012 Brocade Communications Systems, Inc. Proprietary Information ETHERNET FABRICS

More information

vcloud Director User's Guide 04 OCT 2018 vcloud Director 9.5

vcloud Director User's Guide 04 OCT 2018 vcloud Director 9.5 vcloud Director User's Guide 04 OCT 2018 vcloud Director 9.5 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this

More information

Application Provisioning

Application Provisioning Overview, page 1 Application Categories, page 1 Application Containers, page 2 Catalogs, page 7 Self-Service Provisioning, page 8 Overview After you have allocated your resources among your user groups,

More information

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual

More information

vsphere Networking for the Network Admin Jason Nash, Varrow CTO

vsphere Networking for the Network Admin Jason Nash, Varrow CTO vsphere Networking for the Network Admin Jason Nash, Varrow CTO Agenda What is virtualization? How does virtualization impact the network team? How should you approach virtualization? vsphere 101 Where

More information

VMware Integrated OpenStack Quick Start Guide

VMware Integrated OpenStack Quick Start Guide VMware Integrated OpenStack Quick Start Guide VMware Integrated OpenStack 1.0.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced

More information

VMWARE SERVICE PROVIDER PROGRAM PRODUCT USAGE GUIDE Q2

VMWARE SERVICE PROVIDER PROGRAM PRODUCT USAGE GUIDE Q2 VSPP Product Usage Guide VMware Service Providers Program (VSPP) VSPP Product Usage Guide VMWARE SERVICE PROVIDER PROGRAM PRODUCT USAGE GUIDE Q2 2011 VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304

More information

Cisco VTS. Enabling the Software Defined Data Center. Jim Triestman CSE Datacenter USSP Cisco Virtual Topology System

Cisco VTS. Enabling the Software Defined Data Center. Jim Triestman CSE Datacenter USSP Cisco Virtual Topology System Cisco Virtual Topology System Cisco VTS Enabling the Software Defined Data Center Jim Triestman CSE Datacenter USSP jtriestm@cisco.com VXLAN Fabric: Choice of Automation and Programmability Application

More information

Cisco Certdumps Questions & Answers - Testing Engine

Cisco Certdumps Questions & Answers - Testing Engine Cisco Certdumps 642-996 Questions & Answers - Testing Engine Number: 642-996 Passing Score: 797 Time Limit: 120 min File Version: 16.8 http://www.gratisexam.com/ Sections 1. A 2. B 3. C 4. Exhibit Case

More information

SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012

SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012 SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD May 2012 THE ECONOMICS OF THE DATA CENTER Physical Server Installed Base (Millions) Logical Server Installed Base (Millions) Complexity and Operating

More information

Cisco ACI Terminology ACI Terminology 2

Cisco ACI Terminology ACI Terminology 2 inology ACI Terminology 2 Revised: May 24, 2018, ACI Terminology Cisco ACI Term Alias API Inspector App Center Application Policy Infrastructure Controller (APIC) Application Profile Atomic Counters Alias

More information

Security Gateway Virtual Edition

Security Gateway Virtual Edition Security Gateway Virtual Edition R75.20 Administration Guide 4 March 2012 Classification: [Restricted] 2012 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation

More information

Cisco ACI and Cisco AVS

Cisco ACI and Cisco AVS This chapter includes the following sections: Cisco AVS Overview, page 1 Installing the Cisco AVS, page 5 Key Post-Installation Configuration Tasks for the Cisco AVS, page 14 Distributed Firewall, page

More information

VNS3 Configuration. Quick Launch for first time VNS3 users in Azure

VNS3 Configuration. Quick Launch for first time VNS3 users in Azure VNS3 Configuration Quick Launch for first time VNS3 users in Azure Table of Contents Setup 3 Notes 9 Create a Static IP 12 Create a Network Security Group 14 Launch VNS3 from Marketplace 19 VNS3 Unencrypted

More information

Service Graph Design with Cisco Application Centric Infrastructure

Service Graph Design with Cisco Application Centric Infrastructure White Paper Service Graph Design with Cisco Application Centric Infrastructure 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 101 Contents Introduction...

More information

Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances

Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances The Single-node Trial for VMware vcenter Server on IBM Cloud is a single-tenant hosted private cloud that delivers

More information

Layer 4 to Layer 7 Design

Layer 4 to Layer 7 Design Service Graphs and Layer 4 to Layer 7 Services Integration, page 1 Firewall Service Graphs, page 5 Service Node Failover, page 10 Service Graphs with Multiple Consumers and Providers, page 12 Reusing a

More information

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder VMWARE SOLUTIONS AND THE DATACENTER Fredric Linder MORE THAN VSPHERE vsphere vcenter Core vcenter Operations Suite vcenter Operations Management Vmware Cloud vcloud Director Chargeback VMware IT Business

More information

Deployment Best Practices for Microsoft Platforms on UCS

Deployment Best Practices for Microsoft Platforms on UCS Deployment Best Practices for Microsoft Platforms on UCS 2 Microsoft Datacentre Applications Increase Agility, Boost Performance, And Reduce Costs Performance Security Manageability Reliability ROI/TCO

More information

vcloud Director Administrator's Guide

vcloud Director Administrator's Guide vcloud Director 5.1.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of

More information

Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003

Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003 Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003 Agenda ACI Introduction and Multi-Fabric Use Cases ACI Multi-Fabric Design Options ACI Stretched Fabric Overview

More information

What s New in VMware vsphere 4: Virtual Networking W H I T E P A P E R

What s New in VMware vsphere 4: Virtual Networking W H I T E P A P E R What s New in ware vsphere 4: W H I T E P A P E R What s New in ware vsphere 4: Table of Contents Introduction................................................................ 3 ware vnetwork: Summary of

More information

*Performance and capacities are measured under ideal testing conditions using PAN-OS.0. Additionally, for VM

*Performance and capacities are measured under ideal testing conditions using PAN-OS.0. Additionally, for VM PA-820 PA-500 Feature Performance *Performance and capacities are measured under ideal testing conditions using PAN-OS.0. Additionally, for VM models please refer to hypervisor, cloud specific data sheet

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback