vPath, a Cisco innovative technology developed within Cisco Nexus 1000V, has been shipping for more than 2 years, enabling customers to seamlessly create policy-based multi-tenant / multi-container Data Centers across multiple hypervisor environment. Increasingly, customers are implementing network services into their virtualization and cloud networks in order to meet regulatory, security and service levels. To this end we are seeing increased deployments of virtual firewalls, load balancing, routing, WAN optimization & monitoring tools. Cisco’s vPath technology allows customers to deploy these best-in-class network services seamlessly in their Data Center and Cloud deployments. So, what makes vPath so unique in this industry?
#1 -- vPath Powered Service Chaining at a tenant level: For customers to create multi-tenancy architecture today, they have to configure the different network services and manually “stitch” them together for every unique combination. While this method provides the goals for regulatory compliance, security and service levels it often increases application provision time, and does not easily support application mobility. Additionally most applications have to follow the same manually stitched network services.
With Cisco Nexus 1000V vPath technology, the customer’s Data Center becomes very agile by enabling policy based services chaining at the application or tenant level. Customers can create policies and select the L3-7 virtual services appropriate for the application at the time of VM or Tenant creation. These policies are then dynamically instantiated and fulfilled in the Nexus 1000V distributed virtual switch. If the particular application VM moves, the Nexus 1000V network policy moves with it and hence the service chain remains intact.
Figure 1: Policy based dynamic service chaining through vPath
#2 -- vPath enables Distributed Cloud Network Services: As noted in the picture above, vPath controls the packet flow through all Services that are chained for that particular policy. Once the first few packets of the flow is inspected by each Service node, vPath offers the capability to off load flow decisions of the particular Service to the local host such that the subsequent packets of the same flow are locally inspected at the host. Through this mechanism, vPath improves the performance of the particular service since the subsequent packets of the flow are no longer required to be inspected by the individual Service node and hence enabling distributed behavior of the particular service.
Figure 2: Distributed Cloud Network Services through vPath Fast Path Offload
#3 -- vPath offers Best-In-Class Cloud Network Services across multiple hypervisors: vPath enables the customers to use the best-in-class Cloud Network Services from Cisco such as Virtual Security Gateway, ASA 1000V & virtual WAAS, and best-in-class ecosystem partners such as Citrix NetScaler 1000V & Imperva Secure Sphere Web Application Firewall. This vPath enabled architecture will be supported across all major hypervisors such as VMware vSphere, Microsoft Hyper-V, KVM and Xen.
#4 -- vPath to become a standard based Network Services Header: In traditional fashion, Cisco creates innovative solutions to help solve our customer’s IT challenges. Once proven, we offer these technologies such as VXLAN through standards bodies to allow greater interoperability and choice. Recently, vPath header format has been submitted to the IETF as a Network Service Header draft. In the future customers will be able to leverage dynamic policy based services chaining including both virtual and hardware based solutions that support Network Services Header!
To learn more about Cisco Nexus 1000V and Cloud Network Services, please visit our community site. Create a Cloud Lab account and checkout out the vPath in action today!
Lastly, if you are at VMworld, make a point to attend our sessions PHC6409 and NET6380, or stop by at the Cisco booth.
Tags: Cloud Network Services, data center, Nexus1000V, SDN, service chaining, virtualization, vPath
Cisco live is here and the news and awards around the Nexus 1000V cloud networking and services platform just keep rolling in. Last week we announced the Citrix NetScaler 1000V virtual application delivery controller, which will be sold by Cisco. The Microsoft Hyper-V version of Nexus 1000V was officially released this month, and just like its VMware vSphere companion, there is a free version users can download and deploy. On the heels of its release the Nexus 1000V for Microsoft Hyper-V won the Best of Show in the virtualization category at Microsoft’s Tech Ed Conference.
Awards just kept piling up for the broader portfolio as Nexus 1000V InterCloud, our secure hybrid cloud connectivity solution, won a Best of Interop award in Tokyo this month. And just to show the marketing team is pulling its weight, a Nexus 1000V InterCloud video won a prestigious Silver Communicator award in the Online video/ B2B category.
There’s lots of new stuff to talk about Cisco live as well. If you recall, in February I discussed enhancements that Cisco was making in the Nexus 1000V portfolio to eliminate the requirement in VXLAN for IP Multicast. [Those enhancements are now shipping in a new Nexus 1000V release 2.2, full code string 4.2(1)SV2(2.1).] This new version even supports virtual switching for up to 128 hosts and 4096 virtual ports for greater scalability.
Read More »
Tags: cisco live, Citrix NetScaler 1000V, interop, IP Multicast, Nexus 1000v, Nexus 1000V InterCloud, vPath, VXLAN
With Cisco Live! in Orlando on the horizon, we are kicking off the news cycles and technology innovation a little early. Today we’re teaming with our friends at Citrix to announce the expansion of our virtual networking portfolio and provide clarity around our strategy for application delivery controller solutions.
There are two key elements of this strategy:
First, Cisco will begin reselling and supporting a customized version of the popular Citrix NetScaler virtual application delivery controller (ADC) as part of our Cloud Network Services portfolio. Branded Citrix NetScaler 1000V, the Cisco version of the product will be fully supported by the Cisco Technical Assistance Center. We will begin selling the NetScaler 1000V when available in Q3 CY 2013.
Secondly, Cisco and Citrix have worked on joint development to tightly couple the NetScaler ADC into Cisco’s virtual networking framework. This joint development includes integration of NetScaler 1000V with the Cisco Nexus 1100 Cloud Services Platform, and the Nexus 1000V services integration technology, vPath.
Cisco’s Cloud Network Services strategy bridges IT to application architects, and with this Citrix NetScaler 1000V announcement, we integrate virtual applications to Cisco Unified Fabric, delivering scalable, reliable application services to users.
Why is NetScaler 1000V the right solution now?
Advances in cloud computing, data center consolidation, mobility and big data are imposing new demands on the network, along with a drive for greater network simplification and automation.
As virtual networking and programmable overlay networks evolve to meet these challenges, an equal evolution needs to take place in Layer 4-7 application networking services and security to support widespread virtualization, application mobility, cloud architectures and network orchestration.
Cisco’s solution to this challenge is Cloud Network Services, a portfolio of integrated, application-aware network services and security offerings designed for virtual and cloud environments. The Cloud Network Services framework eliminates the obstacles of physical service appliances to accommodate the requirements of virtual applications and cloud deployments, such as:
- Limited scalability of physical services in fixed locations
- Inconsistent application performance based on workload location relative to services
- Difficulty in inserting security and network services into virtual networks
- Lack of control over services and policies for applications deployed at cloud service providers
The NetScaler 1000V virtual ADC
NetScaler 1000V fills an important void in Cisco’s virtual product architecture for an application delivery controller solution to give applications critical performance enhancements, offload application servers, and to help guarantee quality of service and improve end user experience. These requirements are growing exponentially with the increases in bring-your-own-device (BYOD), client mobility, and cloud migration.
Virtual services can be more flexibly deployed to cloud service providers without modification, while relying on the same infrastructure and policies that they might have with corresponding physical appliances in their on-premises data centers. With NetScaler 1000V, customers can have consistency across their physical, virtual and cloud infrastructures, along with the Citrix NetScaler physical appliances.
The Cisco Cloud Services Platform
With the evolution to Cloud Network Services as the Layer 4-7 framework for virtual and cloud networks, organizations are increasingly looking for a flexible platform to deploy these virtual service nodes rather than use existing application servers. Cisco has created the Nexus 1100 Cloud Services Platform to address this need.
The Nexus 1100 Cloud Services Platform is a series of UCS-based appliances dedicated to running Cloud Network Service nodes. In addition to the virtual services listed above, the Nexus 1100 runs the management platforms for the virtual network, the Virtual Security Module (VSM), and the Data Center Network Manager (DCNM) application. The Cloud Services Platform can be dynamically configured to allocate its virtual CPUs to each service as needed based on current application and performance requirements. Current models of the Nexus 1100 series include the Nexus 1110-S and 1110-X.
vPath: The Secret Sauce to Enabling Services in Virtual and Cloud Networks
vPath is a component of the Cisco Nexus 1000V virtual switch which directs traffic to appropriate virtual service nodes, such as firewalls or ADCs, in the right order for each application, independent of the topology of the network or the location of the network services. This allows for greater application mobility and more reliable service delivery. NetScaler 1000V will be integrated into the Cloud Network Services framework via vPath and will be a key differentiator against other ADC products.
As part of the Cisco-Citrix collaboration in next generation data center and cloud architectures, the Citrix NetScaler MPX line of high performing application delivery controllers will also attach to the Cisco Nexus 7000 Series switches. This capability will provide customers the benefits of higher resiliency, plug and play installation, improved agility, and increased leverage of both their switching and ADC investments.
All of the Cisco Cloud Network Services, including the Citrix NetScaler 1000V, will be on display next week at Cisco Live! Along with other announcements we have planned for data center and cloud networking, it promises to be a great event and we hope to see you there.
For more information, check also the press release here
Tags: 1000V, Cisco, citrix, cloud, Cloud Network Services, data center, NetScaler, security, virtualization, vPath
How can you get your data center off to a smooth start? At the Gartner Security & Risk Management Summit this week, I presented three data center innovations that hold the key to accelerating business securely.
Ease of provisioning
According to a recent Cisco IT case study, data center provisioning times have decreased from eight weeks to 15 minutes. Security must do the same to realize the full benefits of data center automation.
Often, businesses have trouble implementing this vision because of their existing IT. The people and their skill base, the processes they use and even the technology they have implemented, are very silo-based. It is not designed to integrate into an automated, on-demand model.
There are many challenges imposed by siloed technologies when you attempt to converge or virtualize these environments. A common issue is when storage and server platforms were not designed to work together. This necessitates expensive service engagements to build. Additionally, in order to hide the associated complexity, expensive management software has to be deployed to “simplify” infrastructure deployments. This approach just doesn’t work. The result is increasing complexity that makes the architecture brittle and costly.
At Cisco, we believe it is important to look for a solution that doesn’t look at technologies, processes, and people in isolation. You can enable a powerful IT by taking a unified approach and working with technologies that are designed to work together. Your IT can be a service foundation that redefines data center economics and delivers performance, reliability, and business innovation. Unification is the element that will deliver that.
Maximized Network Performance and Resilience
On a unified network, IT can ensure the highest levels of network performance and business continuity through:
• 8x performance density over competitive firewalls and up to 1.9 million new connections per second and 80 million maximum connections per second enables Cisco firewalls to meet the most stringent performance requirements
• Eliminating compromise, retrofits and disruption to network design via Virtual Portal Channel and FabricPath integration for increased efficiency
The third innovation that can streamline your data center and accelerate your business is actionable security intelligence. A secure network can differentiate by users and their multiple devices, differentiate applications, know behaviors and ultimately confirm IT policy is aligned with business. Building trusted chains that extend from the user to the application and are uniquely aligned to business context, can ensure efficiency and security.
Learn how Cisco can help you to leverage these innovations to accelerate your business securely.
Follow me on Twitter @e_desouza and discover my other presentation at Gartner in my previous blog Everything’s in the cloud : Now What?
Tags: Cisco, Cisco Security, Cisco Unified Fabric, data center, data center architecture, data center security, fabric, firewall, integrated security, it security, network security, secure infrastructure, security, security intelligence, virtualization, vPath
This week Nick Lippis from the Lippis Report sat down with Cisco Nexus 1000V Product Manager, Han Yang, to talk about the latest enhancements and trends with VXLAN, the primary virtual overlay tunneling technology in Cisco Nexus 1000V virtual networks.
In this 15 minute podcast (registration required), Han touches on three key innovations in the VXLAN area: 1) Cisco approaches to eliminating the requirement for IP Multicast by VXLAN (which I earlier blogged about here), 2) the support for virtual services, like virtual firewalls, with vPath (which I blogged about here), and 3) the use and availability of VXLAN gateways to connect virtual workloads to physical workloads in mixed application environments (which I haven’t blogged about yet, but probably should have :-)).
Nick’s podcasts always provide a good perspective on emerging technology trends and he takes complex topics and really helps his listeners get up to speed on the important bits. We always enjoy the chance to work with him. Give it a listen and let us know what you think.
Tags: IP Multicast, Nexus 1000v, Nick Lippis, vPath, VXLAN