In a blog post earlier this year, I highlighted the Nexus 1010-X virtual services appliance announced at Cisco Live! in London, and why virtual services can be best deployed on a separate UCS-based appliance running NX-OS. The Nexus 1010 and 1010-X are dedicated platforms for hosting virtual service nodes, like the Nexus 1000V virtual supervisor module (VSM), virtual firewalls, and our virtual network analysis module (NAM). All these services run in virtual machines on the Nexus 1010, rather than taking up valuable resources on application servers, and allow for easier manageability by the networking and security teams (rather than the server team).
Continuing on the same theme, this week at Cisco live! San Diego (my how time flies between these shows!), web application firewall (WAF) manufacturer, Imperva, announced that their SecureSphere WAF would soon be available on the Cisco Nexus 1010-X virtual services appliance (Q4 CY 2012). This is the first third-party virtual service announced on either the Nexus 1010 or 1010-X appliance, and provides additional security capabilities on top of Cisco’s virtualization infrastructure for cloud applications. Read More »
The Unified Network Services (UNS) portfolio of Layer 4-7 services (such as ACE and WAAS) also includes Cisco’s data center security solutions. A critical part of that security portfolio is our virtualization-aware firewall solution, Virtual Security Gateway (VSG). In a series of upcoming blog posts, I’ll be sharing a few use case scenarios that our customers are implementing with VSG.
For those of you new to VSG, I’ll point out that VSG’s role is to act as a virtual firewall between zones of virtual machines. Isolating traffic between VM zones has been very challenging prior to VSG because: 1) security policies have to be enforced between VMs running on the same server or same virtual switch (where there’s no place to put a firewall), 2) VMs move all around the network and the security policies (as enforced in the firewall) must follow the VM, and 3) the need to maintain segregation of duties for compliance purposes between the security and application server teams, where security is potentially enforced inside the virtual server.
Unified Network Services (UNS) is the portfolio of L4-7 network services and data center security products within the Data Center Business Advantage architecture. This week’s UNS spotlight is on Cisco’s Network Analysis Module (NAM), which provides network administrators deep visibility into network traffic and applications to help ensure consistent and cost-effective delivery of service to end users.
NAM is the foundation for establishing and verifying quality of service (QoS) policies, undertaking WAN optimization projects, and rolling out voice over IP (VoIP). It can also detect when configuration changes inadvertently degrade application performance, and provides clear insight towards rapid remediation. Consistent with many other UNS portfolio products, the NAM product family includes integrated service modules, virtual service blades and stand-alone appliances offering deployment flexibility and consistent performance visibility from the branch to the data center.
As a proof point of Cisco’s unified L4-7 service offerings, NAM offers end-to-end application performance visibility for Cisco Wide-Area Application Services (WAAS) deployments to help maximize your WAN acceleration efforts. NAM can help identify candidate sites and applications that will benefit the most with WAN optimization while quantifying and validating the impact of WAAS on application and network performance. The real-time visibility can also be used for ongoing optimization and troubleshooting performance degradation. The following graph shows the immediate impact of WAAS on transaction time for a particular application.
We are now offering a series of NAM Webinars to learn about Catalyst 6500 10G NAM-3 blade and new innovations in the latest Cisco Prime NAM software release 5.1. Register here. (Also, here is a short video on what’s new in the recent release of NAM software 5.1)
In addition, learn about the next-generation Catalyst 6500 NAM-3 blade to simplify operational manageability in Multi-Gigabit Ethernet deployments. Register Now – May 24 and May 25 We look forward to having you join us.