Ewolucja sieci w Data Center Czas na wirtualizację sieci za pomocą ware NSX Sławomir Słowiński Account Executive ware Networking and Security 2016 ware Inc. All rights reserved.
Focus on the App The goals haven t changed Security of Applications and Data Speed of Delivery Application Availability But everything else has Changes to Infrastructure irtualization Convergence Changes in Threats and User Behavior Changes in Application Architectures 2
Complex Goals Tied to the Network Speed of App Delivery Error-prone, repetitive manual processes and scripts for physical networking infrastructure Security of the Application Inadequate internal security controls, dependent on static network topologies to define policy Availability of Applications Inability to move or access apps across domains because of inconsistencies in IP and security configurations 3
Forced Compromises Compromised Speed Error-prone manual configurations Provisioning / configuration delays Time to market delays SPEED / FLEXIBILITY Lines of Business stakeholders FIXED LIITATIONS Defined by infrastructure and resources IT CAPACITY Compromised Security Threat response delays Significant security vulnerabilities Business and intellectual property risk SECURITY / RISK Networking and Security teams 4
Hardware Constraints The network, still defined by hardware, limits a virtualized environment IRTUALIZATION PLATFOR PROGRESS SDDC Compute Storage Network Compute Storage Network 5
Hardware Constraints The network, still defined by hardware, limits a virtualized environment IRTUALIZATION PLATFOR PROGRESS SDDC Compute Storage Network 6
irtualizing the Network Removing the final data center constraint Firewalling Load Balancing Switching Routing vswitch vswitch vswitch vswitch Hypervisor Hypervisor Hypervisor Hypervisor 7
irtualizing the Network Removing the final data center constraint Topology Independence Network irtualization Platform vswitch vswitch Hypervisor Hypervisor vswitch vswitch Hypervisor Hypervisor vswitch vswitch Hypervisor Hypervisor Pooled Data Center Capacity 8
STRATEGIC DECISION Drive business value today without compromise 9
Network irtualization How is it being applied today SECURITY Architecting security as an inherent part of the data center infrastructure AUTOATION Automating IT processes to deliver IT at the speed of business LICATION CONTINUITY Enabling applications and data to reside and be accessible anywhere 10
ware NSX Security icro-segmentation DZ Anywhere Secure User Environments Web App DB Alignment of Policy Controls Security and networking policy that travels with the workload independent of physical network topology Granular Policy Enforcement Enabling least privilege security with policy enforced at every workload 11
ware NSX Automation IT Automating IT ulti-tenant Infrastructure Rapid and Repeatable Application Deployments Automating Networking and Security for IT and Developers Web App DB BLUEPRINT 12
ware NSX Application Continuity Disaster Recovery DC Pooling Data Centers Anywhere Enabling applications and data to exist between data centers for disaster recovery or pooling of data center resources PP A Data Center 1 Data Center 2 13
From onths to inutes Accelerating deployment while strengthening security I now have the ability to deploy networking and security at the speed it takes to deploy a. CIO SECURITY AUTOATION CONTINUITY 14
Customer Challenges Customer business and technical concerns Data Center 1 Data Center 2 Lack of granular segmentation for security of virtual machines Complex access to shared services for new apps anual and time consuming app deployment with inconsistent security policy Production Non-production PCI Shared services 15
16 Solution Requirements Customer demands for NSX Automate shared services access Automate access to shared services on a per app basis without manual intervention Compliance and Auditing PCI compatibility for compliance and auditing irtualization and mobility aware Compute virtualization-aware and deployable at the speed of a Works at scale across two sites Central management across two sites that can operate at scale Choice and Extensibility Service insertion with third party especially IPS for E-W
+ Plan Execution Immediate realization of business benefits Critical Segmentation of workloads Production Non-production PCI Production Non-production PCI Data Center 1 Data Center 2 Shared services Automated Access to Shared Services Security group and policy set for access to shared IT services Custom monitoring dashboards using NSX APIs (e.g. list all FW rules for a ) SDDC Automation NSX security policy model to simplify and automate Leveraged tagging to classify workloads into security groups Overlay networking 17
Next Projects Leveraging current successes to align future goals ore 3 rd Party Appliances Implementation icro-segmentation Production Non-production PCI Automated Access to Shared Services SDDC Automation Remote Office Protection New DC Design Strategies Public Cloud Strategy 18
NSX ision: Driving NSX Everywhere anaging Security and Connectivity for many Heterogeneous End Points Branch offices (Partner) Public clouds New app frameworks Internet of things On-Premise Data Center irtual Desktop (DI) obile Devices (Airwatch) Automation IT at the Speed of Business Security Inherently Secure Infrastructure Application Continuity Data Center Anywhere 19
Sławomir Słowiński Account Executive Networking and Security +48 609 997 002 sslowinski@vmware.com 2016 ware Inc. All rights reserved.