VSM's across remote data centers
Nothing sits around and gets stale for long at Cisco (outside the break rooms anyway). On the heels of shipping our Nexus 1000V 1.5.2 release earlier this week (which you can download from here), we are ramping up to show the upcoming generation of the virtual switch next week at VMworld in San Francisco. This new major release 2.1 will be going into beta in October, and will represent a quantum leap in ease of deployment and management, as well as greater security for cloud environments.
Features of the new Nexus 1000V 2.1 Release:
- vCenter Plug-in – Provides a holistic view of the virtual network to the server administrator from within VMware vCenter. A Nexus 1000V dashboard in vCenter shows the virtual supervisor module (VSM) and virtual ethernet module (VEM) details, such as VSM health status, license information, PNIC information, connected VM’s, et al.
- Support for Cisco TrustSec – Extends Cisco TrustSec security solutions for network-based segmentation of users and physical workloads to virtual workloads, leveraging Security Group Tags (SGT) for defining security segments. Data center segmentation and consistent security policy enforcement can now be implemented across physical and virtual workloads.
- Cross Data Center High-availability – Supports split Active and Standby Nexus 1000V Virtual Supervisor Modules (VSMs) across two data centers to implement cross-DC clusters and VM mobility while ensuring high availability. In addition, VSM’s in the data center can support VEM’s at remote branch offices. Read More »
Tags: ASA 1000V, Cisco ONE, CSR 1000V, Hyper-V, NAM, Nexus 1000v, OpenStack, TrustSec, Virtual Network Management Center, Virtual Security Gateway, virtual switch, VMware, vmworld, VNMC, vPath, vsg, VXLAN
In a blog post earlier this year, I highlighted the Nexus 1010-X virtual services appliance announced at Cisco Live! in London, and why virtual services can be best deployed on a separate UCS-based appliance running NX-OS. The Nexus 1010 and 1010-X are dedicated platforms for hosting virtual service nodes, like the Nexus 1000V virtual supervisor module (VSM), virtual firewalls, and our virtual network analysis module (NAM). All these services run in virtual machines on the Nexus 1010, rather than taking up valuable resources on application servers, and allow for easier manageability by the networking and security teams (rather than the server team).
Continuing on the same theme, this week at Cisco live! San Diego (my how time flies between these shows!), web application firewall (WAF) manufacturer, Imperva, announced that their SecureSphere WAF would soon be available on the Cisco Nexus 1010-X virtual services appliance (Q4 CY 2012). This is the first third-party virtual service announced on either the Nexus 1010 or 1010-X appliance, and provides additional security capabilities on top of Cisco’s virtualization infrastructure for cloud applications. Read More »
Tags: data center security, DCNM, NAM, Nexus 1000v, Nexus 1010, Nexus 1010-X, Virtual Security Gateway, vsg
Unified Network Services (UNS) is one of the three architectural pillars of Cisco’s Data Center Fabric, along with Unified Fabric and Unified Computing Services (UCS). UNS represents our portfolio of Layer 4-7 application services, including security, WAN optimization, application controllers, network monitoring and orchestration. This TechWise TV episode is a great overview to the vision behind UNS and the benefits of pulling this all together, especially for virualized and cloud environments.
Tags: ACE, ASA, NAM, Unified Network Services, UNS, waas
The Unified Network Services (UNS) portfolio of Layer 4-7 services (such as ACE and WAAS) also includes Cisco’s data center security solutions. A critical part of that security portfolio is our virtualization-aware firewall solution, Virtual Security Gateway (VSG). In a series of upcoming blog posts, I’ll be sharing a few use case scenarios that our customers are implementing with VSG.
For those of you new to VSG, I’ll point out that VSG’s role is to act as a virtual firewall between zones of virtual machines. Isolating traffic between VM zones has been very challenging prior to VSG because: 1) security policies have to be enforced between VMs running on the same server or same virtual switch (where there’s no place to put a firewall), 2) VMs move all around the network and the security policies (as enforced in the firewall) must follow the VM, and 3) the need to maintain segregation of duties for compliance purposes between the security and application server teams, where security is potentially enforced inside the virtual server.
Read More »
Tags: ACE, cloud, data center, firewall, NAM, Nexus 1000v, security, UNS, vdi, virtual deskop, Virtual Security Gateway, vsg, waas
Unified Network Services (UNS) is the portfolio of L4-7 network services and data center security products within the Data Center Business Advantage architecture. This week’s UNS spotlight is on Cisco’s Network Analysis Module (NAM), which provides network administrators deep visibility into network traffic and applications to help ensure consistent and cost-effective delivery of service to end users.
NAM is the foundation for establishing and verifying quality of service (QoS) policies, undertaking WAN optimization projects, and rolling out voice over IP (VoIP). It can also detect when configuration changes inadvertently degrade application performance, and provides clear insight towards rapid remediation. Consistent with many other UNS portfolio products, the NAM product family includes integrated service modules, virtual service blades and stand-alone appliances offering deployment flexibility and consistent performance visibility from the branch to the data center.
As a proof point of Cisco’s unified L4-7 service offerings, NAM offers end-to-end application performance visibility for Cisco Wide-Area Application Services (WAAS) deployments to help maximize your WAN acceleration efforts. NAM can help identify candidate sites and applications that will benefit the most with WAN optimization while quantifying and validating the impact of WAAS on application and network performance. The real-time visibility can also be used for ongoing optimization and troubleshooting performance degradation. The following graph shows the immediate impact of WAAS on transaction time for a particular application.
We are now offering a series of NAM Webinars to learn about Catalyst 6500 10G NAM-3 blade and new innovations in the latest Cisco Prime NAM software release 5.1. Register here. (Also, here is a short video on what’s new in the recent release of NAM software 5.1)
In addition, learn about the next-generation Catalyst 6500 NAM-3 blade to simplify operational manageability in Multi-Gigabit Ethernet deployments. Register Now – May 24 and May 25 We look forward to having you join us.
Tags: Cisco WAAS, NAM, UNS