Technology :: What’s New in VMware vCloud Networking and Security 5.1

With the release of vCloud Networking and Security 5.1 product, VMware brings the leading software defined networking and security solution that enhances operational efficiency, provides agility and is extensible to rapidly respond to business needs.
I just want to provide you some overview on how vCloud Networking and Security product brings the flexibility to the network and security aspects of the datacenter and point you to the resources where you can get more information.

There are different components of this solution. The first one addresses the networking challenge by providing a simpler approach of creating an abstracted logical network. In the vSphere infrastructure, you are already familiar with the process of creating virtual switches and associated port groups to build a virtual logical network. This process of creating virtual network is quick and easy because it is software defined. However, the virtual switch constructs are still dependent on the physical network configuration.

For example, if you create a new port group on a virtual switch to support a new application that needs isolation from other applications, you have to configure VLAN on the port group and also on the physical switches. So first, you need to work with the networking team before you can create this new port group and deploy application. This process might take days or weeks. With VDS + VXLAN, we create a new abstracted network, also called as an overlay network, that can be created or torn down with few clicks. Since this network is abstracted from the physical network topology, you don’t have to worry about re-configuring your physical network infrastructure. This allows administrators to provision isolated networks on-demand for their new applications or tenants.

The second component addresses the network services aspects. Once you create logical networks, you now would like to provide network services such as load balancers, DHCP services, Firewall, NAT services etc to the devices or workloads connected to these logical networks. The Edge and App virtual appliances will provide flexible on-demand network services to these logical networks.

The Third component addresses the extensibility of the solution through an open architecture with industry-standard APIs. This extensibility enables freedom of choice and avoids vendor lock-in. The solution allows third-party service insertion and thus organizations can easily take advantage of new technology, integrating operational workflows with existing systems and procedures. For example, you can deploy best of breed load balancing service from your vendor of choice. There are three different integration points – Within a virtual machine, at the edge of the virtual machine, and the edge of the virtual network.

Finally, the fourth and last component is the management and operation of this complete solution. VMware provides simplified management and operation through the advanced capabilities of VDS, where network administrators have access to familiar troubleshooting and monitoring features such as NetFlow, Port Mirroring, and SNMP MIBS. On the security front the APP and Edge Firewall are tightly integrated with vCenter Server Objects such as cluster, port groups, vAPP etc. This integration makes rule creation faster and less error prone than legacy approaches that require administrators to manually create and maintain IP address–based objects.