Category Archives: Network virtualization

AWS, Azure, Featured, hybrid migration, Network Infrastructure, Network virtualization

Migrating Your Network to AWS & Azure to Achieve Hyper-Flexibility

What to Consider When Migrating Your Network

Network Consultant, Bobby Mazzotti, discusses how to migrate Layer 2 MPLS Networks to AWS & Azure and by moving away from traditional networks, you can achieve hyper-flexibility in your network. He also discusses what you need to consider first when migrating your network. The Azure vs AWS showdown has been going on for some time now. There’s no easy answer, so always take the time to figure out which is best for you!

Contact your account manager or reach out to us and set up a meeting to discuss your AWS/Azure migration initiatives.

By Jake Cryan, Digital Marketing Specialist

Featured, Network Infrastructure, Network virtualization, SDN, VMware, VMware NSX

Real World Example: Deploying VMware NSX in the Financial Sector

I recently finished up a project implementing VMware’s NSX and wanted to take a minute to recap my experience. The client I worked with provides call center services in the financial sector. They have to be able to securely access systems that have the ability to see credit card information along with other personal, sensitive information.

VMware NSXThe customer is building out new facilities to host their primary, PCI-related, applications.  In this environment, they have to be able to provide the highest levels of security, while providing high performing networking services. To achieve the necessary requirements, they have had to purchase new infrastructure: blade center systems, networking infrastructure (Nexus 5672s, Nexus 6000s, Nexus 7710s, Juniper SRXs, F5 load balancers, etc.), Software licensing, among other things.

They came across the need to purchase additional pairs of F5 load balancers but were up against their budget. When this happened, the Director / VP in charge of the project evaluated VMware’s NSX technology. After some initial discussions, he realized that NSX could not only provide the type of security the environment needed to drive higher efficiencies but could also provide some of the general networking services he was looking for.

Previous network designs included the need for complete isolation of some workloads and, to achieve this, the design called for trusted traffic to traverse a separate pair of distribution/access layer switches to reach external networks. This design also made it necessary to acquire separate F5 load balancers, as specific traffic was not allowed to comingle on the same physical infrastructure due to the way the security team wanted to steer trusted and untrusted traffic. This meant that the team was required to purchase twice the hardware; separate Nexus 6000s and separate F5 load balancers.

Because of the NSX Distributed Firewall capabilities, security teams have the ability to place required rules and policies closer to applications than has previously been achievable. Because of this, networking designs changed, and allowed for infrastructure requirements previously deemed necessary to be alleviated. The ability to stop untrusted traffic before it ever reaches a logical or physical wire gave the team the opportunity to converge more of their networking equipment; eliminating the need to utilize separate Nexus 6000s. In addition, with the NSX Edge Services Gateway having the ability to provide network load-balancing, they were no longer required to purchase additional physical equipment to provide this service. With the budget they put towards NSX licensing, they were able to get the all the security and load balancing services they were looking for and also put money back into their budget.

The Engagement:

Over the span of approximately one month, the security team, networking team, server / virtualization team, and an auditing team worked together in designing what the NSX solution needed to achieve and how it would be implemented. I believe this to be an important aspect of NSX projects because of the misconception that the server / virtualization teams are trying to take over everything. Without each team, this project would have been a disaster.

As requirements were put forth, we built out NSX in building blocks. First, we identified that we would utilize VXLAN as a means to achieve desired efficiencies: eliminating VLAN sprawl, segregating trusted traffic in the logical, software layer, and allowing Disaster Recovery designs to become easier when using the same IP address space. Once networks and routing were implemented, we were able to test connectivity from various sites, while achieving all requirements by the security team. The next item was implementing NSX security. This item required new ways of thinking for most teams. With VMware NSX, customers have the ability to manage security based on vCenter objects, which provides more flexibility. We had to walk through what the contents of each application were, what types of communications were necessary, what types of policies were required, and, in identifying these items, we were able to build dynamic and static Security Groups. We then built Security Policies (some basic that could apply to a majority of similar applications, some application specific) and were able to re-use these policies against various Security Groups, speeding the deployment of application security. We applied weights to these policies to ensure application specific policies took precedence over the generic. In addition to Netflow, we applied “Flow Monitoring” as a means for the networking and security teams to monitor traffic patterns within the NSX environment.

All in all, this was a very successful project. Our client can now better secure their internal applications as well as better secure sensitive customer data.

Remember, NSX can be mislabeled as a server team product, however, the network team and security team need to know how it works and need to be able to implement it.

Are you interested in learning more about how GreenPages can help with similar projects? Email us at socialmedia@greenpages.com

 

By Drew Kimmelman, Consultant

Featured, Network Infrastructure, Network virtualization, Software Defined Networking

How to Prepare Your Environment for the Software Defined Networking Era

Whether it’s VMware NSX or Cisco ACI, to adopt any software defined networking solution there is a lot of backend work that needs to be done. Before you get into the weeds around specific products, take a step back. To be successful, you’re going to need to have a level of understanding about your applications you’ve never needed before. The key is to take the proper steps now to make sure you can adopt software defined networking technologies when the time comes.

 

Preparing Your Environment for the Software Defined Networking Era

 

//www.youtube.com/watch?v=Y6pVmNrOnCA

 

 

If you’re interested in speaking to Nick in more detail about software defined technology, reach out!

 

 

By Nick Phelps, Principal Architect

Featured, Network Infrastructure, Network virtualization, SDDC

Network Virtualization: A Key Enabler of the SDDC

In this video, Steve Mullaney, VMware’s SVP of Networking and Security Business Unit, discusses network virtualization. Network virtualization is a key enabler to delivering a software defined data center. According to Steve, from a customer perspective there really ends up being two use cases. The first is an agility use case to increase speed to innovation. In the past, organizations have had to separate infrastructures for development and dev and production. Network virtualization is allowing people to have one common computing infrastructure that they can logically isolate and create separate networks. This easily allows them to move from production to dev to test.

The second use case is security. Network virtualization allows organizations to provide additional security mechanisms within their data centers by using microsegmentation. If a company were to do this with physical firewalls and exiting technology, it would be extremely expensive and close to impossible operationally to implement. Network virtualization makes this a possibility.

You can hear more from Steve on Twitter. Follow @smullaney

 

Network Virtualization and the Software Defined Data Center

 

http://www.youtube.com/watch?v=CfiYqF9EU10

 

 

 

GreenPages is one of VMware’s top partners in the country and last year won its Global Virtualization of Business Critical Applications Award. Email us at socialmedia@greenpages.com to see how GreenPages can help with your VMware initiatives.

 

 

Hyper-V, Microsoft, Microsoft Windows, Network management, Network virtualization, Virtualization, Windows Server

F5 Extends Dynamic Networking to Windows Server-Based Virtual Network Environments

F5 Networks, Inc. today announced the F5 Network Virtualization Solution for Microsoft Windows Server 2012 Hyper-V. The solution gives F5 customers the flexibility to use the BIG-IP platform to deploy network services in cloud-driven data centers that are built on Windows Server 2012 Hyper-V. This announcement underscores F5’s commitment to deliver a dynamic, efficient data center that will ensure scalability, security, and manageability across an organization’s IT environments and systems.

With this solution, the same network-based services that the BIG-IP platform provides—such as local and global load balancing, advanced traffic steering, access control, and application security and acceleration—can now also be used to deliver applications in the Microsoft cloud and virtualized network environments. The solution is enabled by F5 BIG-IP Local Traffic Manager (LTM®) Virtual Edition (VE) running on Windows Server 2012 Hyper-V.

Organizations that use Hyper-V network virtualization to realize cost savings and operational efficiencies stand to gain many additional benefits from the F5 solution, including:

  • Improved Flexibility – Working in conjunction with Hyper-V
    network virtualization, the F5 solution supports seamless, low-cost
    migration to the cloud by allowing organizations to use the same
    policies and IP addresses in the cloud that they currently use in the
    physical network.
  • Cost Savings – The F5 solution accelerates data center
    consolidation by connecting hybrid cloud environments, enabling
    organizations to cut costs while extending their applications and
    services.
  • Efficient Network Management – The F5 solution can
    intelligently manage network traffic at layers 4-7, mitigating the
    need for organizations to build and manage large layer 2 networks.
  • Streamlined ADN Services – The F5 solution runs on Windows
    Server 2012 Hyper-V, and all services are applied in BIG-IP LTM VE, so
    no software upgrades or special code is required on the physical
    network.


Cisco Systems, Network virtualization, Networking, Nicira, US Venture Partners, Venture Funding, VMware

PLUMgrid Gets $10.7 Million for Software-Defined Networking

PLUMgrid, Inc. today announced that it has secured $10.7 million in Series A Funding from US Venture Partners (USVP) and Hummer Winblad Venture Partners. PLUMgrid, with nearly two years of development completed, is pioneering an ecosystem-driven network infrastructure built on software-defined networking (SDN) concepts. The company will deliver network virtualization solutions that will enable businesses to manage their physical, virtual and cloud datacenters with greater agility and efficiency.

In 2011, PLUMgrid raised an initial funding round of $2 million, and USVP partner Chris Rust joined the company’s Board of Directors. Hummer Winblad managing director Lars Leckie co-led the PLUMgrid series A and now joins Rust on the PLUMgrid Board of Directors.

PLUMgrid CEO Awais Nemat co-founded the company in early 2011, and has brought together an outstanding team of industry veterans with a proven track record of success in designing, developing and deploying some of the most important systems and services in the history of the networking industry. Nemat has assembled a group of highly decorated innovators from companies such as Cisco Systems, Marvell, Nicira, SUN, Vyatta and VMware. With a strong heritage in mission-critical enterprise network infrastructure, PLUMgrid’s engineers and software visionaries have contributed significantly to the emergence of network virtualization technology in the past five years.

“Network virtualization and the move to software-defined networking (SDN) is a strategically important focus area for the networking industry,” said Nemat. “PLUMgrid was started nearly two years ago with a vision of providing a better way for customers to address new networking application needs and reduce excessive costs and complexity. This $10.7 million financing round provides the resources for PLUMgrid to realize this vision and deliver a comprehensive SDN solution to our customers.”

“PLUMgrid has a compelling combination of large market opportunity, highly differentiated approach with deep IP, and an exceptional team with a track record of commercial success. USVP is delighted to be a founding investor in PLUMgrid, and to be joined by Hummer Winblad as our co-lead in what we believe to be the best-of-breed SDN solution in the marketplace,” said Chris Rust, partner, USVP.

“The networking industry is experiencing a major shift as infrastructure becomes software-driven,” said Lars Leckie, managing director, Hummer Winblad Venture Partners. “We see tremendous potential in supporting a new, unified network infrastructure that delivers value to customers by building on networking best practices yet enabling the radical agility, simplicity and ease of management that software brings to the table.”