One of the things I admire about Cisco marketing, and I think generates a lot of respect for us from our customers, is how we approach competitive marketing. Most importantly, we hardly ever do it. Sure, we arm our sales teams with specific comparison data, but it’s rare we feel the need to compare ourselves publically or to bash competitors. When you bash a competitor, it really only serves to give them credibility, and highlights that they must be doing something important to occupy your mindshare, or that of your customer’s. Occasionally though, we are faced with not only having to take the gloves off a little more, but responding to the inevitable FUD that gets thrown our way.
This brings us to a blog post written by HP about Cisco’s Virtual Security Gateway (VSG), which unfortunately contains a number of inaccuracies and misrepresentations of our product that we have to clear up.
Let’s start with this example:
Cisco has a product called the Virtual Security Gateway (VSG) for the Nexus 1000V Series. It is a virtual firewall that lets you enforce policy and segmentation virtual environments. All associated security profiles are configured to include trust-zone definitions and access control lists (ACLs) or rules. They also support VM mobility when properly configured. If there’s one thing the company is good at, it is those good-old ACLs developed back in the early 90s!
The strength of VSG’s firewall capabilities is its awareness of the virtual machine environment, and specifically the ability to write firewall rules based on the attributes of the virtual machine, attributes such as the NAME of the VM. This gives tremendous power to establish policies in virtual environments, such as logically isolating tenants running on the same machine, or separating VMs based on operating system or application type in virtual desktop environments, a use case I wrote about earlier. To imply VSG is enforcing good-old ACL’s from the 90’s is disingenuous at best. Read More »
Tags: ASA, data center security, Nexus 1000v, Virtual Security Gateway, vsg
At Cisco Live earlier today, I had opportunity to talk with my very good friend Sean Gilbert (VMware’s Global Technical Alliance Manager for Cisco) about all the cool stuff that VMware is showcasing in their booth at Cisco Live. I was particularly interested in the demos and Cisco specific integration that will help our joint customers accelerate journey to private and hybrid clouds.
I was impressed with what I heard and thought it would be nice to share the highlights of the conversation I had with Sean. Here it is…should not be more than 5 minutes read
Read More »
Tags: Cisco, cisco live, Cisco UCS, Cisco zero client, Nexus 1000v, vCloud Director, VMware
Last week Cisco, VMware, and NetApp published a very detailed CVD deployment guide to further simplify and accelerate the deployments of Enhanced Secure Multi-Tenancy (ESMT) solution on FlexPod for VMware. ESMT is a key FlexPod add-on feature that allows secure hosting and protection of virtualized data centers for multiple tenants on the same, shared FlexPod infrastructure. Availability, Secure Separation, Service Assurance, and Management are the key foundational pillars of the ESMT architecture. Each of these pillars is enabled by innovative technologies from Cisco, NetApp, and VMware.
Read More »
Tags: Cisco, Cisco ACE, Cisco Nexus, Cisco UCS, cloud, ESMT, FlexPod, FlexPod for VMware, netapp, Nexus 1000v, Secure Multi-tenancy, SMT, unified computing system, virtualization, VMware, VMware vShield
What is VM-FEX? VM-FEX is the consolidation of the virtual switch and physical switch into a single management point.
This sounds funny to say, but it amazes me how many people still use standard VMware vSwitches. In the enterprise there are just too many things that can be missed on standard vSwtiches and we need consistency. This consistency is obvious when port group names need to match identically or vMotion will fail. Last time I went through the VMware vSphere: Install, Configure, Manage class we were working on the standard vSwitch configuration, which utilizes some interesting port group failover order setting which include overrides. So, I zipped through my sheet and was waiting for the instructor to ask for answers. After a few other students I spoke up and proceed to explain my complex but accurate vSwitch configuration.
You remember this diagram from class right??
And the override settings?
Read More »
Tags: Cisco UCSM, Cisco VIC, Cisco Virtual Interface Card, CiscoUCS, DVS, Nexus 1000v, palo, VM-FEX, VMware, vNIC, vSwitch
Today, I wanted to point out a couple of great resources to develop a deeper understanding of Cisco’s virtual switch, the Nexus 1000V.
First, we were excited to have Prashant Gandhi, our Sr. Director of Product Management for the Nexus 1000V, be invited onto the latest Packet Pushers Podcast, hosted by Greg Ferro. If you aren’t yet familiar with the PP Podcasts, they are an entertaining technical dive into a wide range of networking concepts with guests from vendors as well as large IT organizations. Greg’s expertise lies in the data center and with all things networking, including virtualization and L4-7 application services. In this podcast, all about the Nexus 1000V, Greg, Prashant and the other co-hosts talk about the architecture and deployment issues. There’s an extensive comparison of Cisco’s 802.1Qbh virtual Ethernet bridge protocol with the 802.1Qbg proposal from HP, VEPA. Listen to the full podcast here.
Greg had made an earlier plea on his blog that he wasn’t getting enough Cisco guests. We were happy to help out and enjoyed the interaction. We talked about having Prashant back on a future show to talk about vPath and the Virtual Security Gateway (VSG), the virtual firewall running on the Nexus 1000V. We look forward to that as well.
For a deeper, hand-on dive into the Nexus 1000V, nothing beats the Cisco CloudLab (http://cloudlab.cisco.com). We’ve set up an online workbench configured with all the tools and software to play around with the virtual switch yourself. Cisco Cloudlab is available to folks outside Cisco, but you will have enter the name of a Cisco employee sponsor to approve access. There are a number of lab exercises you can walk through to get a general overview, install or upgrade the Nexus 1000V, as well as VSG.
Of course, if you are really ready to test it out on your own, you can always download a trial version for your own system at the Nexus 1000V page (http://www.cisco.com/go/nexus1000v).
Tags: Nexus 1000v, Virtual Security Gateway