Cisco Blogs


Cisco Blog > Data Center and Cloud

ASA 1000V Cloud Firewall Now Available to Secure Multi-tenant Data Centers

August 26, 2012 at 11:00 am PST

Virtualization news continues to move to the forefront as we head towards the start of VMworld in San Francisco. Last week we unveiled the upcoming Nexus 1000V 2.1 major release here. Perhaps the biggest news on the virtual security front is the availability last week of the ASA 1000V Cloud Firewall (download a free trial here). We’re also announcing special introductory pricing on the ASA 1000V of 50% off the list price, which also includes our new Virtual Network Management Center (VNMC) 2.0. Other promotional pricing bundles are available as well.

We’re excited about the ASA 1000V because it brings virtually all the features of our physical ASA appliances to virtual environments, providing greater consistency across the physical, virtual and cloud domains, however your applications are deployed. The ASA 1000V will primarily be deployed to protect tenants in a multi-tenant cloud environment with traditional edge security services including VPN, NAT, attack prevention and DHCP. This will complement our Virtual Security Gateway (VSG) firewall which has greater visibility to VM-specific policy attributes, and will be used to isolate VM-VM traffic within a tenant.

Both ASA 1000V and VSG use vPath 2.0 in the new Nexus 1000V to steer appropriate traffic to the right firewall, or other virtual service nodes, in the right sequence, while automatically keeping policies consistent and the service paths properly configured after vMotion events. And the ASA 1000V comes bundled with the new Virtual Network Management Center (VNMC) 2.0 that we announced this week as well, for easy management and deployment of virtual security policies.

But since there’s still a lot to do prepping for this week’s activities, like #v0dgeball, I’ll wrap up here and let Jimmy Ray from TechWiseTV share some of his thoughts on ASA 1000V and VSG (and remember, if you are around #VMworld this week, give us a shout out on twitter using Cisco hash tag #ciscovmw or to me @gkinghorn).:

Tags: , , , ,

The Next Evolution of Cisco’s Nexus 1000V Virtual Switch to be Featured at VMworld

August 24, 2012 at 5:00 am PST
Remote Active - Standby VSM pairs

VSM's across remote data centers

Nothing sits around and gets stale for long at Cisco (outside the break rooms anyway). On the heels of shipping our Nexus 1000V 1.5.2 release earlier this week (which you can download from here), we are ramping up to show the upcoming generation of the virtual switch next week at VMworld in San Francisco. This new major release 2.1 will be going into beta in October, and will represent a quantum leap in ease of deployment and management, as well as greater security for cloud environments.

Features of the new Nexus 1000V 2.1 Release:

  • vCenter Plug-in – Provides a holistic view of the virtual network to the server administrator from within VMware vCenter. A Nexus 1000V dashboard in vCenter shows the virtual supervisor module (VSM) and virtual ethernet module (VEM) details, such as VSM health status, license information, PNIC information, connected VM’s, et al.
  • Support for Cisco TrustSec -- Extends Cisco TrustSec security solutions for network-based segmentation of users and physical workloads to virtual workloads, leveraging Security Group Tags (SGT) for defining security segments. Data center segmentation and consistent security policy enforcement can now be implemented across physical and virtual workloads.
  • Cross Data Center High-availability – Supports split Active and Standby Nexus 1000V Virtual Supervisor Modules (VSMs) across two data centers to implement cross-DC clusters and VM mobility while ensuring high availability. In addition, VSM’s in the data center can support VEM’s at remote branch offices. Read More »

Tags: , , , , , , , , , , , , , , , ,

New Nexus 1000V Virtual Switch 1.5.2 Release Now Available

August 21, 2012 at 5:00 pm PST

Nexus 1000VToday Cisco made a new version of its Nexus 1000V virtual switch available for immediate download. The newly available Nexus 1000V 1.5.2 release can be downloaded for a 60 day free trial from here. As most of you know because you’ve been reading all my blog posts over the last year, the Nexus 1000V is the edge switch for virtual environments, bringing the network edge right up to the virtual machine, by residing in the hypervisors and connecting virtual ports to the physical network and beyond. The Nexus 1000V is the foundation for our entire virtual network overlay portfolio, including all of our virtual L4-7 application and security services, our cloud orchestration software, VXLANs and more.

The new release supports the latest version of VMware’s vSphere hypervisor, and includes vPath 2.0 with service chaining between virtual services. I wrote a blog post a couple of weeks ago about the importance of vPath in inserting virtual services into data center networks, and now we also have a great new white paper available on vPath service insertion technology. The most important enhancement in vPath 2.0 is that you can now insert multiple services in the path between the source and destination addresses in your virtual network.  Read More »

Tags: , , , , ,

vPath: The Secret Sauce to Enabling Virtual Network Services

July 31, 2012 at 4:09 pm PST

Wow, there’s been a lot of news in the SDN and virtual networking space in the last week or so! VMware acquiring Nicira, and Oracle acquiring Xsigo are testimony to how important virtual overlay networks and virtual switching infrastructure has become for data center vendors, and how integral they are to each company’s strategy. Speaking of our own Nexus 1000V-based virtual networks, last week I provided an overview and some new resources on Virtual Extensible LANs (VXLAN) for Nexus 1000V virtual switches. That turned out to be quite a popular post, so I’m following up this week on another fundamental component of Nexus 1000V-based virtual networks, vPath, the secret sauce that allows us to deploy virtual network services in the data center.

What is vPath? Well, if VXLANs can set up secure tunnels over a shared, multi-tenant virtual network, vPath is a feature of the Nexus 1000V virtual switch that can redirect traffic to virtual application services before the switch sends the packets down into the virtual machine. Very important stuff, but how does it do that? I find that my blog posts are more popular the less I type, and the more I embed cool TechWiseTV videos that illustrate the concept, so I’m dusting off this classic from the TWTV team on just how vPath does that with our Virtual Security Gateway (VSG). Take it away Robb

But wait, there’s more… Read More »

Tags: , , , , , , , , , , , , , ,

New Forrester Report Offers Insights to Deploying Virtual Network Services

July 2, 2012 at 12:03 pm PST

An interesting new report has been issued by Forrester Research that provides a great deal of market research and insight into the challenges of the data center network supporting large-scale virtualization. The report provides a representative view about the types of obstacles organizations are facing and where they are making new investments, along with some recommended best practices. As usual, the application services infrastructure is one of the biggest challenges, i.e., how to replicate the layer 4-7 and security services that mission-critical applications require in a highly virtualized or hybrid cloud environment. While servers and networks have largely been virtualized, relying on physical firewalls or application controllers can undermine or limit the beneficial effects of virtualization.

Forrester starts by pointing out what benefits customers are looking for and where they see the greatest growth in virtualization going forward. Over the next four years, Forrester sees 500% growth in total virtual x86 workloads that will be hosted in private cloud IaaS (Infrastructure as a Service), where virtual servers are isolated between tenants, compared to 170% growth in private cloud pools in organizations’ own data centers. Forrester points out that overlooking virtual services can “negate private and public cloud investments”, however. 33% of their respondents indicated that they have difficulty integrating public services with internal virtual infrastructures, with 24% specifically citing “frustration with capability, agility and flexibility of traditional application delivery controllers (ADC)”. (see next table).


Read More »

Tags: , , , , , , , , , , , ,