Cisco Virtual Security Gateway (VSG) Mohammad Salaheldin
|
|
- Toby Cole
- 5 years ago
- Views:
Transcription
1 Cisco Virtual Security Gateway (VSG) Mohammad Salaheldin
2 Virtual Security Gateway (VSG) Overview VSG Packet Flow VSG Policy Model Use Case Example ASA on 1000V Summary 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 2
3 1. vmotion moves s across physical ports the network policy must follow vmotion Port Group 2. Must view or apply network/ security policy to locally switched traffic Server Admin 3. Need to maintain segregation of duties while ensuring non-disruptive operations Security Admin Network Admin 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 3
4 Virtual Security Gateway (VSG) Context Aware Security Zone-Based Control Dynamic, Agile context aware rules Establish zones of trust Policies follow vmotion Best-in-Class Architecture Efficient, fast, scale-out SW Virtual Network Management Center (VNMC) Non-Disruptive Operations Policy Based Administration Designed for Automation Security team manages security Central mgmt, scalable deployment, multi-tenancy XML API, security profiles 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 4
5 Deployment granularity depending on use case Tenant, VDC, vapp Multi-instance deployment provides horizontal scale-out Virtual Network Management Center Tenant A Tenant B VDC-1 VDC-2 vapp vapp vpath Nexus 1000V vsphere 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 5
6 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC Nexus 1000V Distributed Virtual Switch vpath VSG 1 Initial Packet Flow Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 6
7 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC Nexus 1000V Distributed Virtual Switch vpath VSG 1 Initial Packet Flow 2 Flow Access Control (policy evaluation) Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 7
8 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC Nexus 1000V Distributed Virtual Switch vpath Decision Caching 3 VSG 1 Initial Packet Flow 2 Flow Access Control (policy evaluation) Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 8
9 Virtual Security Gateway Intelligent Traffic Steering with vpath VNMC 4 Nexus 1000V Distributed Virtual Switch vpath Decision Caching 3 VSG 1 Initial Packet Flow 2 Flow Access Control (policy evaluation) Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 9
10 VNMC Nexus 1000V Distributed Virtual Switch vpath ACL offloaded to Nexus 1000V (policy enforcement) VSG Remaining packets from flow Log/Audit 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 10
11 Ware vcenter Attributes Virtual Network Management Center (VNMC) -to-ip Binding Security Profiles Device Profiles attributes VSM VSM VSN VSG Port Profiles Interactions Packets (Slow-Path) Packets (Fast-Path) vpath Nexus 1000V ESX Servers Packets (Fast-Path) 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 11
12 VSG Security Policy Model
13 Security Profile Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 13
14 Security Profile Policy Set Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 14
15 Security Profile Policy Set Policy 1 Rule 1 Rule 2 Rule N Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 15
16 Security Profile Policy Set Policy 1 Policy 2 Policy N Rule 1 Rule 1 Rule 1 Rule 2 Rule 2 Rule 2 Rule N Rule N Rule N Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 16
17 Security Profile Policy Set Policy 1 Policy 2 Policy N Rule 1 Rule 1 Rule 1 Rule 2 Rule 2 Rule 2 Rule N Rule N Rule N Rule is analogous to an ACE; Policy is analogous to an ACL 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 17
18 Rule Source Condition Destination Condition Action 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 18
19 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 19
20 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone New Attributes Name Guest OS full name Resource Pool Parent App Name Port Profile Name Cluster Name DNS Name Network Attributes IP Address Network Port Hypervisor Name 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 20
21 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone Attributes Name Guest OS full name Resource Pool Network Attributes IP Address Network Port Operator eq neq Operator member Not-member Parent App Name gt Contains Port Profile Name lt Cluster Name range DNS Name Not-in-range Hypervisor Name Prefix 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 21
22 Rule Source Condition Destination Condition Action Condition Attribute Type Network User Defined vzone New Attributes Network Attributes Instance Name IP Address Guest OS full name Network Port Zone Name Parent App Name Port Profile Name Cluster Name Hypervisor Name Operator Operator eq member neq Not-member gt Contains lt range Not-in-range Prefix 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 22
23 VSG Use Cases
24 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 24
25 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 25
26 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 26
27 Server Zones Portal Records Database Application Virtual Security Gateway (VSG) HVD Zones IT Admin Assistant Doctor Guest it Admin Network Guest Doctor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 27
28 Database Servers DMZ Servers Exchange Servers Application Servers Training Servers R&D Servers If vm-name contains TRNG, that belongs to TRNG zone Source Destination Protocol Action Zone=TRNG Zone=TRNG Any Permit Any Zone=TRNG Any Permit Zone=TRNG Any Any Drop 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 28
29 Web Client Permit Only Port 80(HTTP) of Web Servers Permit Only Port 22 (SSH) to Application Servers Block All External Access to Database Servers Web-Zone Web" Server" Web" Server" Application-Zone App" Server" App" Server" Database-Zone DB" Server" DB" Server" Only Permit Web Servers Access to Application Servers Only Permit Application Servers Access to Database Servers 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 29
30 Virtual ASA1000v
31 Proven Cisco Security Virtualized Physical virtual consistency vcenter Virtual Network Management Center (VNMC) Collaborative Security Model VSG for intra-tenant secure zones Virtual ASA for tenant edge controls Seamless Integration With Nexus 1000V & vpath Scales with Cloud Demand Multi-instance deployment for horizontal scale-out deployment vsphere Tenant A Virtual ASA Tenant B VDC VDC vapp VSG VSG VSG vapp VSG Virtual ASA vpath Nexus 1000V 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 31
32 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 32
33 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath VSG Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 33
34 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath (policy evaluation) VSG 3 Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 34
35 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath (policy evaluation) 4 VSG 3 Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 35
36 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath (policy evaluation) 4 VSG 5 3 Nexus 1000V Distributed Virtual Switch vpath ASA 1 Initial Packet Flow 2 ASA in line 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 36
37 Virtual Security Gateway / ASA Intelligent Traffic Steering with vpath VSG Nexus 1000V Distributed Virtual Switch vpath 3 ASA 1 Rest of the flow 2 ASA in line (policy downloaded) 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 37
38 NAT IPSec VPN (Site-to-Site) Default Gateway DHCP Static Routing Stateful Protocol IP Audit Role based separation Consistent ASA feature set Intelligent traffic steering via vpath Strategic Partnership with Ware Not just an ASA Part of a solution which benefits from vpath 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 38
39 Cisco N1KV (vpath) is leveraged by VSG and vasa for deployment VSG is NOT required to installed on every physical host VSG provides a High Availability solution to protect multiple ESX hosts Supports a Multitenant Environment Non-Disruptive Administration Model - Security team manages Security Polices VNMC VSG vpath Nexus 1000V Hypervisor 2011 Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 39
40 Thank you Cisco and/or its affiliates. All rights reserved. - Last Updated 2/23/2012 Cisco Confidential 40
Nevrijeme u oblacima i kako se zaštititi
Nevrijeme u oblacima i kako se zaštititi Goran Peteh Enterprise Systems Engineer Zagreb, 0.2.20. Agenda Internet trends MorganStanley Identity-aware infrastructure Physical and virtual security Cumulus
More informationDeploying Cloud Network Services Prime Network Services Controller (formerly VNMC)
Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC) Dedi Shindler - Sr. Manager Product Management Cloud System Management Technology Group Cisco Agenda Trends Influencing
More informationNetwork Services in Virtualized Data Center
Network Services in Virtualized Data Center Tomáš Michaeli Consulting Systems Engineer, DCV Central / Czech republic 21 Mar 2012 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Almost
More informationCisco Virtual Networking Solution Nexus 1000v and Virtual Services. Abhishek Mande Engineer
Cisco Virtual Networking Solution Nexus 1000v and Virtual Services Abhishek Mande Engineer mailme@cisco.com Agenda Application requirements in virtualized DC The Anatomy of Nexus 1000V Virtual Services
More informationVirtuální firewall v ukázkách a příkladech
Praha, hotel Clarion 10. 11. dubna 2013 Virtuální firewall v ukázkách a příkladech T-SEC3 / L2 Tomáš Michaeli Cisco 2013 2011 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Agenda VXLAN
More informationCisco Virtual Security Gateway Deployment Guide VSG 1.4
Deployment Guide Cisco Virtual Security Gateway Deployment Guide VSG 1.4 Deployment Guide 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 33
More informationVirtual Security Gateway Overview
This chapter contains the following sections: Information About the Cisco Virtual Security Gateway, page 1 Cisco Virtual Security Gateway Configuration for the Network, page 10 Feature History for Overview,
More informationDeploying the Cisco ASA 1000V
CHAPTER 2 This chapter includes the following sections: Information About the ASA 1000V Deployment, page 2-1 Downloading the ASA 1000V OVA File, page 2-7 Deploying the ASA 1000V Using the VMware vsphere
More informationSecuring Containers Using a PNSC and a Cisco VSG
Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 4 About
More informationSecuring Containers Using a PNSC and a Cisco VSG
Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 3 About
More informationSegmentation. Threat Defense. Visibility
Segmentation Threat Defense Visibility Establish boundaries: network, compute, virtual Enforce policy by functions, devices, organizations, compliance Control and prevent unauthorized access to networks,
More informationCisco Nexus 1000V Switch for Microsoft Hyper-V
Q&A Cisco Nexus 1000V Switch for Microsoft Hyper-V Overview Q. What are Cisco Nexus 1000V Switches? A. Cisco Nexus 1000V Switches provide a comprehensive and extensible architectural platform for virtual
More informationData Center Virtualization Setting the Foundation. Ed Bugnion VP/CTO, Cisco Server, Access and Virtualization Technology Group
Data Center Virtualization Setting the Foundation Ed Bugnion VP/CTO, Cisco Server, Access and Virtualization Technology Group I Fought the Law, and the Law Won Sonny Curtis and the Crickets Moore s Law
More informationCisco Virtual Security Gateway, Rel. 4.2(1)VSG1(3.1) and Cisco Virtual Network Management Center, Rel. 1.3 Installation and Upgrade Guide
Cisco Virtual Security Gateway, Rel. 4.2(1)VSG1(3.1) and Cisco Virtual Network Management Center, Rel. 1.3 Installation and Upgrade Guide February 16, 2012 Americas Headquarters Cisco Systems, Inc. 170
More informationHW virtualizace a podpora hypervizorů různých výrobců
Cisco Expo 2012 HW virtualizace a podpora hypervizorů různých výrobců René Raeber Datacenter Architect IEEE 802.1DCB Architect Cisco Expo 2012 Cisco and/or its affiliates. All rights reserved. 1 Twitter
More informationCisco Nexus 1000V Series Switches
Cisco Nexus 1000V Series Switches Product Overview Cisco Nexus 1000V Series Switches are virtual machine access switches that are an intelligent software switch implementation for VMware vsphere environments
More informationTable of Contents HOL-PRT-1305
Table of Contents Lab Overview... 2 - Abstract... 3 Overview of Cisco Nexus 1000V series Enhanced-VXLAN... 5 vcloud Director Networking and Cisco Nexus 1000V... 7 Solution Architecture... 9 Verify Cisco
More informationvshield Administration Guide
vshield Manager 5.1 vshield App 5.1 vshield Edge 5.1 vshield Endpoint 5.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationCisco Nexus 1000V Series Switches
Data Sheet Cisco Nexus 1000V Series Switches Product Overview Cisco Nexus 1000V Series Switches provide a comprehensive and extensible architectural platform for virtual machine and cloud networking. The
More informationQUICK START GUIDE Cisco Virtual Network Management Center 2.0 Quick Start Guide
QUICK START GUIDE Cisco Virtual Network Management Center 2.0 Quick Start Guide 1 Preface 2 Installation Prerequisites 3 Installing VNMC 4 Configuring VNMC 5 Troubleshooting VNMC Installation and Configuration
More informationCisco Virtual Network Management Center GUI Configuration Guide, Release 1.3
Cisco Virtual Network Management Center GUI Configuration Guide, Release 1.3 First Published: January 31, 2012 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA
More informationCisco Prime Network Services Controller 3.0 CLI Configuration Guide
Cisco Prime Network Services Controller 3.0 Configuration Guide January 29 2014 Chapter 1 Overview... 4 Information About Prime Network Services Controller... 4 Information About the Prime Network Services
More informationNexus 1000V in Context of SDN. Martin Divis, CSE,
Nexus 1000V in Context of SDN Martin Divis, CSE, mdivis@cisco.com Why Cisco Nexus 1000V Losing the Edge Server Admin Host Host Host Host Server Admin manages virtual switching! vswitch vswitch vswitch
More informationCisco Nexus 1000V for Microsoft Hyper-V: Expanding the Virtual Edge
Cisco Nexus 1000V for Microsoft Hyper-V: Expanding the Virtual Edge Appaji Malla Sr. Product Manager Cisco Cloud Networking Services Division Agenda Cisco s Virtual Networking Vision Cisco Nexus 1000V
More informationEvolution of Data Center Security Automated Security for Today s Dynamic Data Centers
Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers Speaker: Mun Hossain Director of Product Management - Security Business Group Cisco Twitter: @CiscoDCSecurity 2 Any
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
SAI2803BU The Road to Micro- Segmentation with VMware NSX #VMworld #SAI2803BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationCisco Prime Network Services Controller 3.0 User Guide
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-28179-01 Cisco
More informationCisco Nexus 1000V InterCloud based Hybrid Cloud Architectures and Approaches
Cisco Nexus 1000V InterCloud based Hybrid Cloud Architectures and Approaches Kapil Bakshi Solutions Architect Session Details - Session Title: Cisco Nexus 1000V InterCloud-based Hybrid Cloud Architectures
More informationvshield Quick Start Guide
vshield Manager 4.1.0 Update 1 vshield Zones 4.1.0 Update 1 vshield Edge 1.0.0 Update 1 vshield App 1.0.0 Update 1 vshield Endpoint 1.0.0 Update 1 This document supports the version of each product listed
More informationCisco HyperFlex Systems
White Paper Cisco HyperFlex Systems Converting to Cisco Nexus 1000V Distributed Switches for Cisco HyperFlex Virtual Machine Guest and VMware vmotion Networks Author: Hui Chen October 2016 2016 Cisco and/or
More informationThe Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec
The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec James Edwards Product Marketing Manager Dan Watson Senior Systems Engineer Disclaimer This session may contain product
More informationSolution Brief: VMware vcloud Director and Cisco Nexus 1000V
Solution Brief: VMware vcloud Director and Cisco Nexus 1000V Executive Summary Agility, flexibility, elasticity and reliability are requirements for the virtualized data center and for private and public
More informationBorderless Networks. Tom Schepers, Director Systems Engineering
Borderless Networks Tom Schepers, Director Systems Engineering Agenda Introducing Enterprise Network Architecture Unified Access Cloud Intelligent Network & Unified Services Enterprise Networks in Action
More informationCreating Application Containers
This chapter contains the following sections: General Application Container Creation Process, page 1 Creating Application Container Policies, page 2 About Application Container Templates, page 5 Creating
More informationvcloud Air - Virtual Private Cloud OnDemand Networking Guide
vcloud Air - Virtual Private Cloud OnDemand Networking Guide vcloud Air This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationHybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud
Hybrid Clouds: Integrating the Enterprise Data Center and the Public Cloud Usha Ramachandran, Technical Marketing Engineer Session Abstract In this session, participants will learn how to create hybrid
More informationQ&As DCID Designing Cisco Data Center Infrastructure
CertBus.com 300-160 Q&As DCID Designing Cisco Data Center Infrastructure Pass Cisco 300-160 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee
More informationAttribute-Based Access Control
Attributes are customized network objects for use in your configuration. You can define and use them in Cisco ASA configurations to filter traffic associated with one or more virtual machines in an VMware
More informationCreating Application Containers
This chapter contains the following sections: General Application Container Creation Process, page 1 Creating Application Container Policies, page 3 About Application Container Templates, page 5 Creating
More informationData Center 3.0 Technology Evolution. Session ID 20PT
Data Center 3.0 Technology Evolution Session ID 20PT Session Goal The focus of this seminar is on the latest technologies some of which can already be used in today's deployments and some that will become
More informationAgenda Registration & Coffee
Agenda 09.15 Registration & Coffee 09:45 Welcome & Overview - Paul D'Cruz Data Centre Systems Engineering Manager 10:00 Unified Fabric - Virtualising the Network and Storage Domain - Gordon Hirst DC CSE
More informationTest - Accredited Configuration Engineer (ACE) Exam - PAN-OS 6.0 Version
Test - Accredited Configuration Engineer (ACE) Exam - PAN-OS 6.0 Version ACE Exam Question 1 of 50. Traffic going to a public IP address is being translated by your Palo Alto Networks firewall to your
More informationVMware vsphere 4.0 The best platform for building cloud infrastructures
VMware vsphere 4.0 The best platform for building cloud infrastructures VMware Intelligence Community Team Rob Amos - Intelligence Programs Manager ramos@vmware.com (703) 209-6480 Harold Hinson - Intelligence
More informationService Oriented Virtual DC Design
Dubrovnik, Croatia, South East Europe 20-22 May, 2013 Service Oriented Virtual DC Design Višnja Milovanović Consulting Systems Engineer Data Center & Virtualization 2011 2012 Cisco and/or its affiliates.
More informationCisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack
White Paper Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack Introduction Cisco Application Centric Infrastructure (ACI) is a next-generation data center fabric infrastructure
More informationDesigning Cisco Data Center Unified Computing
Designing Cisco Data Center Unified Computing Number: 642-998 Passing Score: 800 Time Limit: 120 min File Version: 1.1 http://www.gratisexam.com/ Sections 1. Drag and Drop 2. Questions 3. Hot Spot CISCO
More informationManaging ReadyClones
HX Data Platform ReadyClones Overview, on page 1 Benefits of HX Data Platform ReadyClones, on page 1 Supported Base VMs, on page 2 ReadyClone Requirements, on page 2 ReadyClone Best Practices, on page
More informationThe Nexus 1000V on Microsoft Hyper-V: Expanding the Virtual Edge
The Nexus 1000V on Microsoft Hyper-V: Expanding the Virtual Edge 2 Agenda Cisco s Virtual Networking Vision Cisco Nexus 1000V Portfolio Overview Recent Pricing Changes Architectural Overview Services Architecture
More informationArchitecting Scalable Clouds using VXLAN and Nexus 1000V
Architecting Scalable Clouds using VXLAN and Nexus 1000V Lawrence Kreeger Principal Engineer Agenda Session Is Broken Into 3 Main Parts Part 1: VXLAN Overview What is a VXLAN? Why VXLANs? What is VMware
More informationService Insertion with ACI using F5 iworkflow
Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models
More informationWhat s New with VMware vcloud Director 8.0
Feature Overview TECHNICAL WHITE PAPER Table of Contents What s New with VMware....3 Support for vsphere 6.0 and NSX 6.1.4....4 VMware vsphere 6.0 Support...4 VMware NSX 6.1.4 Support....4 Organization
More informationCisco Nexus 1000V InterCloud
Deployment Guide Cisco Nexus 1000V InterCloud Deployment Guide (Draft) June 2013 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 49 Contents
More informationCisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002
Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Agenda Joint Cisco and Microsoft Integration Efforts Introduction to CCA-MCP What is a Pattern?
More informationSecurity for shared infrastructure in Cisco ONE Enterprise Cloud Suite BRKPCA-2040
Security for shared infrastructure in Cisco ONE Enterprise Cloud Suite Roxana Diaz TSA, CCIE BRKPCA-2040 @roxadiaz2 Agenda Introduction Cisco VACS Overview VACS Configuration Security Use-cases Customers
More informationProduct Release 6.4 VMware Installation
Product Release 6.4 VMware Installation Document Revision 1.00 2014 Catbird Networks. All Rights Reserved. This document and product is protected by US and international copyright and intellectual property
More informationInstalling and Configuring vcloud Connector
Installing and Configuring vcloud Connector vcloud Connector 2.6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationArchitecting Tenant Networking with VMware NSX in VMware vcloud Director
VMware vcloud Architecture Toolkit for Service Providers Architecting Tenant Networking with VMware NSX in VMware vcloud Director Version 2.9 January 2018 Steve Dockar 2018 VMware, Inc. All rights reserved.
More informationNext Generation Data Centers Networks Consolidation and Virtualization
Next Generation Data Centers Networks Consolidation and Virtualization Samuel TAYLOR Directeur Technique Channel - WCA samtaylo@cisco.com 1 70 % of CIOs would increase spending on virtualization even if
More informationCisco Application Centric Infrastructure Roadshow. Wednesday, 2. April 14
Cisco Application Centric Infrastructure Roadshow Wednesday, 2. April 14 Cisco ACI Roadshow - Agenda Business and IT trends Cisco Open Network Environment (ONE) Lunch Cisco Application Centric Infrastructure
More informationACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)
This chapter contains the following sections:, on page 1 Alias API Inspector App Center Alias A changeable name for a given object. While the name of an object, once created, cannot be changed, the Alias
More informationCisco Exam. Volume: 223 Questions. Question No: 1 Which three commands can be used to harden a switch? (Choose three.)
Volume: 223 Questions Question No: 1 Which three commands can be used to harden a switch? (Choose three.) A. switch(config-if)# spanning-tree bpdufilter enable B. switch(config)# ip dhcp snooping C. switch(config)#
More informationStorage Considerations for VMware vcloud Director. VMware vcloud Director Version 1.0
Storage Considerations for VMware vcloud Director Version 1.0 T e c h n i c a l W H I T E P A P E R Introduction VMware vcloud Director is a new solution that addresses the challenge of rapidly provisioning
More informationCisco Virtual Application Container Services 2.0 Lab v1
Cisco Virtual Application Container Services 2.0 Lab v1 Last Updated: 02-SEP-2015 About This Solution Cisco Virtual Application Container Services (VACS) enables simplified deployment of Secure Application
More informationConfiguring Administrative Operations
This section includes the following topics: Administrative Operation Conventions, page 1 Managing Backup Operations, page 1 Restoring a Backup Configuration, page 6 Managing Export Operations, page 10
More informationTest Accredited Configuration Engineer (ACE) Exam PAN OS 6.0 Version
Test Accredited Configuration Engineer (ACE) Exam PAN OS 6.0 Version ACE Exam Question 1 of 50. Which of the following statements is NOT True regarding a Decryption Mirror interface? Supports SSL outbound
More informationCloud Computing the VMware Perspective. Bogomil Balkansky Product Marketing
Cloud Computing the VMware Perspective Bogomil Balkansky Product Marketing Cloud Computing - the Key Questions What is it? Why do you need it? How do you build (or leverage) one (or many)? How do you operate
More informationData Center Security. Fuat KILIÇ Consulting Systems
Data Center Security Fuat KILIÇ Consulting Systems Engineer @Security Data Center Evolution WHERE ARE YOU NOW? WHERE DO YOU WANT TO BE? Traditional Data Center Virtualized Data Center (VDC) Virtualized
More informationOrchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud
Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud 2 Orchestrate the Cloud Infrastructure Business Drivers for Cloud Long Provisioning Times for New Services o o o Lack
More informationBuilding a Big IaaS Cloud. David /
Building a Big IaaS Cloud David Nalley @ke4qqq ke4qqq@apache.org / david@gnsa.us #whoami Recovering Sysadmin F/LOSS contributor Committer on Apache CloudStack Assumptions You have a need for an IaaS compute
More informationIntegration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit
Integration of Hypervisors and L4-7 Services into an ACI Fabric Azeem Suleman, Principal Engineer, Insieme Business Unit Agenda Introduction to ACI Review of ACI Policy Model Hypervisor Integration Layer
More informationVMware vcloud Networking and Security Overview
VMware vcloud Networking and Security Overview Efficient, Agile and Extensible Software-Defined Networks and Security WHITE PAPER Overview Organizations worldwide have gained significant efficiency and
More informationVMware vcloud Director for Service Providers
Architecture Overview TECHNICAL WHITE PAPER Table of Contents Scope of Document....3 About VMware vcloud Director....3 Platform for Infrastructure Cloud...3 Architecture Overview....3 Constructs of vcloud
More informationIntroducing the Cisco VNMC XML API
CHAPTER 1 The following sections provide general information about Cisco Virtual Network Management Center (VNMC) and the XML application programming interface (API): Overview of VNMC and XML APIs, page
More informationANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS.
ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS. Ionka Gancheva, PhD student 45 Abstract: The article contains an analysis of virtual networks and technologies that are used at data centers nowadays. Many
More informationSecurity and Virtualisation in the Data Centre
Security and Virtualisation in the Data Centre Greg Gibbs Network Consulting Engineer CCIE #19084 Abstract The evolving complexity of the data centre is placing increased demand on the network and security
More informationOracle E-Business Suite 11i with Cisco ACE Series Application Control Engine Deployment Guide, Version 1.0
Design Guide Oracle E-Business Suite 11i with Cisco ACE Series Application Control Engine Deployment Guide, Version 1.0 This design guide describes how to deploy the Cisco Application Control Engine (Cisco
More informationNetwork Virtualization
Network Virtualization Petr Grygárek 1 Traditional Virtualization Techniques Network Virtualization Implementation of separate logical network environments (Virtual Networks, VNs) for multiple groups on
More informationEthernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade
Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade fkoelmel@broc 10/28/2013 2 2012 Brocade Communications Systems, Inc. Proprietary Information ETHERNET FABRICS
More informationvcloud Director User's Guide 04 OCT 2018 vcloud Director 9.5
vcloud Director User's Guide 04 OCT 2018 vcloud Director 9.5 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this
More informationApplication Provisioning
Overview, page 1 Application Categories, page 1 Application Containers, page 2 Catalogs, page 7 Self-Service Provisioning, page 8 Overview After you have allocated your resources among your user groups,
More informationCisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13
Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual
More informationvsphere Networking for the Network Admin Jason Nash, Varrow CTO
vsphere Networking for the Network Admin Jason Nash, Varrow CTO Agenda What is virtualization? How does virtualization impact the network team? How should you approach virtualization? vsphere 101 Where
More informationVMware Integrated OpenStack Quick Start Guide
VMware Integrated OpenStack Quick Start Guide VMware Integrated OpenStack 1.0.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationVMWARE SERVICE PROVIDER PROGRAM PRODUCT USAGE GUIDE Q2
VSPP Product Usage Guide VMware Service Providers Program (VSPP) VSPP Product Usage Guide VMWARE SERVICE PROVIDER PROGRAM PRODUCT USAGE GUIDE Q2 2011 VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304
More informationCisco VTS. Enabling the Software Defined Data Center. Jim Triestman CSE Datacenter USSP Cisco Virtual Topology System
Cisco Virtual Topology System Cisco VTS Enabling the Software Defined Data Center Jim Triestman CSE Datacenter USSP jtriestm@cisco.com VXLAN Fabric: Choice of Automation and Programmability Application
More informationCisco Certdumps Questions & Answers - Testing Engine
Cisco Certdumps 642-996 Questions & Answers - Testing Engine Number: 642-996 Passing Score: 797 Time Limit: 120 min File Version: 16.8 http://www.gratisexam.com/ Sections 1. A 2. B 3. C 4. Exhibit Case
More informationSAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012
SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD May 2012 THE ECONOMICS OF THE DATA CENTER Physical Server Installed Base (Millions) Logical Server Installed Base (Millions) Complexity and Operating
More informationCisco ACI Terminology ACI Terminology 2
inology ACI Terminology 2 Revised: May 24, 2018, ACI Terminology Cisco ACI Term Alias API Inspector App Center Application Policy Infrastructure Controller (APIC) Application Profile Atomic Counters Alias
More informationSecurity Gateway Virtual Edition
Security Gateway Virtual Edition R75.20 Administration Guide 4 March 2012 Classification: [Restricted] 2012 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation
More informationCisco ACI and Cisco AVS
This chapter includes the following sections: Cisco AVS Overview, page 1 Installing the Cisco AVS, page 5 Key Post-Installation Configuration Tasks for the Cisco AVS, page 14 Distributed Firewall, page
More informationVNS3 Configuration. Quick Launch for first time VNS3 users in Azure
VNS3 Configuration Quick Launch for first time VNS3 users in Azure Table of Contents Setup 3 Notes 9 Create a Static IP 12 Create a Network Security Group 14 Launch VNS3 from Marketplace 19 VNS3 Unencrypted
More informationService Graph Design with Cisco Application Centric Infrastructure
White Paper Service Graph Design with Cisco Application Centric Infrastructure 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 101 Contents Introduction...
More informationOrdering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances
Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances The Single-node Trial for VMware vcenter Server on IBM Cloud is a single-tenant hosted private cloud that delivers
More informationLayer 4 to Layer 7 Design
Service Graphs and Layer 4 to Layer 7 Services Integration, page 1 Firewall Service Graphs, page 5 Service Node Failover, page 10 Service Graphs with Multiple Consumers and Providers, page 12 Reusing a
More informationVMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder
VMWARE SOLUTIONS AND THE DATACENTER Fredric Linder MORE THAN VSPHERE vsphere vcenter Core vcenter Operations Suite vcenter Operations Management Vmware Cloud vcloud Director Chargeback VMware IT Business
More informationDeployment Best Practices for Microsoft Platforms on UCS
Deployment Best Practices for Microsoft Platforms on UCS 2 Microsoft Datacentre Applications Increase Agility, Boost Performance, And Reduce Costs Performance Security Manageability Reliability ROI/TCO
More informationvcloud Director Administrator's Guide
vcloud Director 5.1.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of
More informationCisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003
Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003 Agenda ACI Introduction and Multi-Fabric Use Cases ACI Multi-Fabric Design Options ACI Stretched Fabric Overview
More informationWhat s New in VMware vsphere 4: Virtual Networking W H I T E P A P E R
What s New in ware vsphere 4: W H I T E P A P E R What s New in ware vsphere 4: Table of Contents Introduction................................................................ 3 ware vnetwork: Summary of
More information*Performance and capacities are measured under ideal testing conditions using PAN-OS.0. Additionally, for VM
PA-820 PA-500 Feature Performance *Performance and capacities are measured under ideal testing conditions using PAN-OS.0. Additionally, for VM models please refer to hypervisor, cloud specific data sheet
More information