Improve Existing Disaster Recovery Solutions with VMware NSX

Similar documents
Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Practical Path to VMware NSX Nimish Desai - NSBU, VMware

IBM Cloud for VMware Solutions

21CTL Disaster Recovery, Workload Mobility and Infrastructure as a Service Proposal. By Adeyemi Ademola E. Cloud Engineer

VMware Cloud on AWS. A Closer Look. Frank Denneman Senior Staff Architect Cloud Platform BU

Private Cloud Public Cloud Edge. Consistent Infrastructure & Consistent Operations

Introducing VMware Validated Design Use Cases. Modified on 21 DEC 2017 VMware Validated Design 4.1

Introducing VMware Validated Designs for Software-Defined Data Center

Introducing VMware Validated Designs for Software-Defined Data Center

Introducing VMware Validated Designs for Software-Defined Data Center

Introducing VMware Validated Design Use Cases

EBOOK: VMware Cloud on AWS: Optimized for the Next-Generation Hybrid Cloud

TECHNICAL WHITE PAPER - MAY 2017 MULTI DATA CENTER POOLING WITH NSX WHITE PAPER

Customer Onboarding with VMware NSX L2VPN Service for VMware Cloud Providers

VMworld 2018 Content: Not for publication or distribution

Soluzioni integrate con vsphere La virtualizzazione abilita il percorso evolutivo di innovazione dell'it

VMWARE CLOUD FOUNDATION: INTEGRATED HYBRID CLOUD PLATFORM WHITE PAPER NOVEMBER 2017

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

A Practitioner s Guide to Migrating Workloads to VMware Cloud on AWS

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

ENTERPRISE HYBRID CLOUD 4.1.1

VMWARE CLOUD FOUNDATION: THE SIMPLEST PATH TO THE HYBRID CLOUD WHITE PAPER AUGUST 2018

Securing VMware NSX MAY 2014

Ewolucja sieci w Data Center

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Copyright 2015 EMC Corporation. All rights reserved. Published in the USA.

DISASTER RECOVERY- AS-A-SERVICE FOR VMWARE CLOUD PROVIDER PARTNERS WHITE PAPER - OCTOBER 2017

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Transform Availability

IBM Cloud IBM Cloud for VMware Solutions Zeb Ahmed Senior Offering Manager and BCDR Leader VMware on IBM Cloud VMworld 2017 Content: Not for publicati

The Latest EMC s announcements

IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture

XtremIO Business Continuity & Disaster Recovery. Aharon Blitzer & Marco Abela XtremIO Product Management

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Securing VMware NSX-T J U N E 2018

Workload Mobility and Disaster Recovery to VMware Cloud IaaS Providers

Vscale: Real-World Deployments of Next-Gen Data Center Architecture

10 QUESTIONS, 10 ANSWERS. Get to know VMware Cloud on AWS The Best-in-Class Hybrid Cloud Service

Introducing VMware Validated Designs for Software-Defined Data Center

VMware Join the Virtual Revolution! Brian McNeil VMware National Partner Business Manager

BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Redefining Networking with Network Virtualization

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

HCI mit VMware vsan Radikal einfach und vollständig in die SDDC Strategie integriert

Introducing VMware Validated Designs for Software-Defined Data Center

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Enabling Your Cloud with VMware. Rob Rowe Jason Kuipers

NET1846. Introduction to NSX. Milin Desai, VMware, Inc Kausum Kumar, VMware, Inc

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disaster Recovery-to-the- Cloud Best Practices

HARNESSING THE HYBRID CLOUD TO DRIVE GREATER BUSINESS AGILITY

Cloud Confidence: Simple Seamless Secure. Dell EMC Data Protection for VMware Cloud on AWS

Dedicated Hosted Cloud with vcloud Director

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)

Network Virtualization Business Case

Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud

VMWARE CLOUD TM ON AWS. Operations Model White Paper. November 2017

Elevate the Conversation: Put IT Resilience into Practice for Cloud Service Providers

Getting Started Guide. VMware NSX Cloud services

vrealize Introducing VMware vrealize Suite Purpose Built for the Hybrid Cloud

Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC)

VMware Hybrid Cloud Solution

Dell EMC UnityVSA Cloud Edition with VMware Cloud on AWS

Next-Generation Data Center Interconnect Powered by the Adaptive Cloud Fabric

VMware vsphere 4.0 The best platform for building cloud infrastructures

Vision of the Software Defined Data Center (SDDC)

What s New with VMware vcloud Director 8.0

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

DEPLOYING A VMWARE VCLOUD DIRECTOR INFRASTRUCTURE-AS-A-SERVICE (IAAS) SOLUTION WITH VMWARE CLOUD FOUNDATION : ARCHITECTURAL GUIDELINES

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Converged and Hyper-Converged: Factory-Integrated Data Protection for Simplicity and Lifecycle Assurance

7 Things ISVs Must Know About Virtualization

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

VMware Cloud on AWS Technical Deck VMware, Inc.

VMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no

Foundation for Cloud Computing with VMware vsphere 4

vrealize Operations Management Pack for NSX for vsphere 2.0

vsan Disaster Recovery November 19, 2017

Pasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP

Cross-vCenter NSX Installation Guide. Update 4 VMware NSX for vsphere 6.4 VMware NSX Data Center for vsphere 6.4

Redefine Data Protection: Next Generation Backup And Business Continuity

VMware s Journey to the Cloud: IT SDDC Journey with vcloud Automation and Management Platform Initiative Using vsphere/vcloud Stack

Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances

VPLEX & RECOVERPOINT CONTINUOUS DATA PROTECTION AND AVAILABILITY FOR YOUR MOST CRITICAL DATA IDAN KENTOR

Architecture and Design. 22 AUG 2017 VMware Validated Design 4.1 VMware Validated Design for Management and Workload Consolidation 4.

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

PSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco

3 Ways Businesses Use Network Virtualization. A Faster Path to Improved Security, Automated IT, and App Continuity

Architecture and Design. 17 JUL 2018 VMware Validated Design 4.3 VMware Validated Design for Management and Workload Consolidation 4.

The Software Defined Data Centre & vsphere 6.5 The foundation of the hybrid cloud Barry Coombs

Leveraging cloud for real business transformation

VMware vcloud Networking and Security Overview

Cross-vCenter NSX Installation Guide. Update 3 Modified on 20 NOV 2017 VMware NSX for vsphere 6.2

IBM Cloud for VMware Solutions Zerto Virtual Replication

Transcription:

Improve Existing Disaster Recovery Solutions with VMware NSX Kevin Reed Sr Manager, VMware Federal Networking & Security Team kreed@vmware.com 703.307.3253 Don Poorman Manager Solutions Enginering Govplace dpoorman@govplace.com 301.678.3667

2 Revisiting Disaster Recovery everybody s FAVORITE topic!

What is Disaster Recovery & Business Continuity? at least for the purposes of this webinar? Primary (Active) Datacenter Alternate (Passive) Datacenter N-S Connectivity WAN/Internet N-S Connectivity vcenter-a Web App DB Web App DB vcenter-b DB App Web App Web SRM SRM Local Storage Local Storage 3

What is Disaster Recovery & Business Continuity? at least for the purposes of this webinar? Primary (Active) Datacenter Alternate (Passive) Datacenter N-S Connectivity WAN/Internet N-S Connectivity vcenter-a Web App DB Web App DB vcenter-b Something bad happens here DB App Web SRM Forcing you to run workloads here App Web SRM Local Storage Local Storage 4

Traditional Workflow for Virtual Workload Failovers Get called at 2:32 AM Diagnose outage begin executing runbook for site failover and reach for lucky horseshoe keychain. Get halfway through powering up recovery VMs and realize ALL of their network settings are configured for the PRIMARY datacenter subnets. Grumble and add changing IP addresses to the list of things to do. Get halfway through reconfiguring recovery VM IP addresses before realizing your DNS entries are all pointing at the PRIMARY datacenter subnets. Bang head on table and plan to script those changes in future failover tests. Finish networking reconfiguration and application consistency checks just as Primary site comes back online. 5

Always Remember It has, and always will be, about workload SLA. 6

7 Application Continuity

Traditional Challenges for DR Solutions Change application IP addresses Re-create/Re-configure physical network for L2-L3 connectivity requirements Re-create security policies Update other physical device configuration Ex: load balancer Additional update/re-configuration (ACLs, DNS, Application IP Dependencies, etc.) Traditional Solutions:: Ex: L2 Over Dark Fiber VPLS Over MPLS Back Bone Hardware-Based Solution (OTV) Expensive, hardware-based, complex, operationally challenging, and/or long lead times required Site 2: King s Landing Winter is coming. Protect the workloads! Site 1: Winterfell Not holistic solutions only focused on the network and per-device configuration and lack automation and flexibility 8

NSX Networking and Security for DR Solutions What s needed is a software based approach which can provide: Ø Decoupling from physical hardware Ø Ease of deployment Ø Ease of use Ø Better security with micro-segmentation Ø Leverage higher-level security constructs Ø Flexibility Ø High degree of automation Ø Rapid deployment/recovery and productivity Ø Ease of testing DR Plan Ø Extensive partner ecosystem for services Ø Integration with other DR & SDDC components (SRM, vsphere hypervisor, vrealize Suite, etc.) 9

Traditional Disaster Recovery: Manual, Unreliable, Complex Infrastructure Challenges: Compute, Networking and Storage WAN / Internet WAN / Internet Storage Compute Network Web DB App Web DB App Deployment/Recovery Manual, Complex, Error Prone Deployment/Recovery: Automated and Reliable Deployment/Recovery Automated and Reliable Web DB App Web DB App Network Compute Storage 10

Traditional Disaster Recovery: Requires L2 Extension Infrastructure Challenges: Site Connectivity Protected WAN / Internet Complex and Expensive Connectivity Options at the WAN Edge Recovery WAN / Internet Network Fabric Recreate FW, LB Policies Recreate L3 Recreate L2 (Re-IP/Preserve IP Space) Network Fabric VM VM VM 10.1.1.0/24 10.1.1.0/24 VM VM VM VM VM VM 10.1.2.0/24 DC Extension 10.1.2.0/24 VM VM VM VM VM VM 10.1.3.0/24 VPLS, Overlay Transport, L2 Extensions 10.1.3.0/24 VM VM VM 11

The Solution: VMware NSX APP APP APP APP APP APP APP APP APP HARDWARE Compute Storage HARDWARE Networking Security HARDWARE Compute Storage Compute Storage Networking Security Networking Security

The Solution: VMware NSX APP APP APP Compute Networking Storage Security Reduce hardware complexity and OpEx costs Improve application availability and resiliency Expedite recovery and decrease downtime

VMware NSX The Next-Generation Networking Model Routing Switching Load balancing Firewalling/ACLs Network and security services now in the hypervisor East-west firewalling High throughput rates Hardware independent

Applying Network and Security Virtualization to IT Challenges Theme Security: Inherently Secure Infrastructure Automation: IT at the Speed of Business Application Continuity: Datacenter Anywhere Lead Use Case Micro-segmentation IT Automating IT Disaster Recovery Mission Value Enhanced Mission Security at reduced cost Time to Mission: Reduce infrastructure provisioning time from weeks to minutes Mission Resilience and Agility Other Use Cases Data Segmentation Secure End User Developer Cloud Multi-tenant Infrastructure Data Center Consolidation and Migration NSX in Public Cloud 15

VMware NSX Networking & Security Capabilities Logical Firewall Any Application (without modification) Virtual Networks VMware NSX Network Virtualization Platform Logical L2 Any Cloud Management Platform Logical Load Balancer Any Hypervisor Any Network Hardware Logical L3 Logical VPN Logical Switching Layer 2 over Layer 3, decoupled from the physical network Logical Routing Routing between virtual networks without exiting the software container Distributed Firewall (DFW) Logical Firewall, Kernel Integrated, High Performance Logical Load Balancer Application Load Balancing in software Layer 2 and Layer 3 VPN Site-to-Site & Remote Access VPN in software Network Address Translation (NAT) translate private IPs to public IPs DHCP - Server and Relay NSX API RESTful API for integration into any Cloud Management Platform Partner Eco-System

NSX Multi-Site Deployment Options Active-Active Data Centers Logical Network Connectivity (L2-L7) that enables resources in different physical locations to be pooled together as a unified set of compute resources. Also supports workload mobility between sites using Logical Networks and Security Solution: Single or Multi VC Logical Networks across Datacenters Disaster Recovery An active and stand-by application deployed in two different locations that are NOT in the same geographical fault domain Only one instance of application is active and passing traffic at any time Solution: SRM Protected Applications L2 Extension Extending L2 between sites and admin boundaries over L3 with or without encryption Solution: NSX L2 VPN 17

NSX Current Federal Certification Status Army CON (July 2015) Certification # 201519393 approved on 7/27/2015 DISA STIG (July 2016) Completed and published to IASE. ICSA Certification (January 2017) Both NSX for vsphere Distributed Firewall and Edge Firewall are certified against ICSA Corporate Firewall criteria. FIPS 140-2 (February 2017) NSX for vsphere 6.3.0 has a FIPS mode that uses only those cipher suites that comply with FIPS. NSX Manager and NSX Edge have a FIPS Mode that can be enabled via the vsphere Web Client or the NSX REST API. Common Criteria (May 2017) NSX for vsphere 6.3.0 testing has been completed and is in compliance with the EAL2+ level of assurance.

NSX for Disaster Recovery Resources Whitepapers / Design Guides Disaster Recovery with NSX and SRM NSX-V Multi-site Options and Cross-VC NSX Design Guide VMware NSX-V: Control Plane Resiliency with CDO Mode Enterprise Hybrid Cloud iland Network Virtualization Blog: Enhanced Disaster Recovery with Cross-VC NSX and SRM Cross-VC NSX for Multi-site Solutions NSX-V: Multi-site Options and Cross-VC NSX Design Guide Cross-VC NSX: Multi-site Deployments with Ease and Flexibility Multi-site with Cross-VC NSX: Consistent Security and Micro-segmentation Across Sites Multi-site with Cross-VC NSX and Palo Alto Networks Security VMware NSX and SRM: Disaster Recovery Overview and Demo NSX-V 6.3: Cross-VC NSX Security Enhancements NSX-V 6.3: Control Plane Resiliency with CDO Mode Multi-site Active-Active Solutions with NSX-V and F5 BIG-IP DNS Disaster Recovery with VMware NSX-V and Zerto Videos (NSX YouTube Channel): Multi-site with Cross-VC NSX: Workload Mobility and Consistent Security Across Sites Multi-site with Cross-VC NSX and Palo Alto Networks Security VMware NSX and SRM - Disaster Recovery Overview and Demo 19

0 NSX DR In Action

DR Solutions with NSX Dell EMC Enterprise Hybrid Cloud Enterprise Hybrid Cloud 23

Business value NSX with EHC delivered to our customers 25% time saved from operational activities Provisioning time reduced from days to minutes Increased resource utilization Reduced provisioning times from 2 3 weeks to minutes Decreased total IT spend by 60% Reduced time to market for new business services by 65% 4X faster provisioning time 90% reduction in downtime 50% reduction in data center costs Consolidated data centers by 71% Reduced resource provisioning time from months to hours Unification of entire IT department vs. siloed teams 25

NSX Simplifies EHC DR add-on RecoverPoint for Virtual Machines (RP4VM) VM-level disaster recovery granularity Virtual Appliance Replication vsphere web client integration 26

1 2 3 2 Sites, 2 vcenters Active workloads 4 Use Case: Requirements 5 6 Bi-directional DR Consistent security Consistent networks and traffic engineering DR Consumption through CMP 27

Building the Network Site 1 Site 2 Controller Cluster vcenter NSX Manager Cross vcenter NSX 1 vcenter NSX Manager Blue_uDLR 5 Web App DB Blue App01 2 Green_uDLR Web App DB Green App01 28

Replicating the VMs Site 1 Site 2 Controller Cluster vcenter NSX Manager Cross vcenter NSX Recoverpoint for VM vcenter NSX Manager RP4VM vrpa RP4VM vrpa Blue_uDLR 3 Web App DB Blue App01 Web App DB Blue App01 RP4VM CG Green_uDLR Web App DB Green App01 RP4VM CG Web App DB Green App01 29

Securing the Applications Site 1 Site 2 Universal Security Groups, tags and DFW rules Controller Cluster vcenter NSX Manager RP4VM vrpa Cross vcenter NSX Recoverpoint for VM Universal Security Groups Blue_uDLR Static Inclusion 192.168.0.100 00:50:56:XX:YY:ZZ RP4VM vrpa vcenter NSX Manager 4 Web App DB Blue App01 Web App DB Blue App01 Dynamic Inclusion RP4VM CG Green_uDLR 6 Web App DB Green App01 RP4VM CG Web App DB Green App01

Summary NSX decouples networking services form the physical infrastructure allowing for a resilient DR solution Cross-VC NSX and SRM together provide an enhanced DR solution Consistent networking across sites with NSX prevents the need to manually map different networks and change application IP addresses NSX also provides consistent security policies across vcenter sites which enables automatic correct security for applications when a DR event occurs Cross-VC NSX component and site recovery is fully supported Automation can be leveraged in a NSX / SRM environment for additional requirements/needs: vro, NSX REST API 29

Kevin Reed Sr Manager, VMware Federal Networking and Security Team kreed@vmware.com 703.307.3253 Don Poorman Manager Solutions Engineering dpoorman@govplace.com 301.678.3667 30

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback