What is vPath? Well, if VXLANs can set up secure tunnels over a shared, multi-tenant virtual network, vPath is a feature of the Nexus 1000V virtual switch that can redirect traffic to virtual application services before the switch sends the packets down into the virtual machine. Very important stuff, but how does it do that? I find that my blog posts are more popular the less I type, and the more I embed cool TechWiseTV videos that illustrate the concept, so I’m dusting off this classic from the TWTV team on just how vPath does that with our Virtual Security Gateway (VSG). Take it away Robb…
An interesting new report has been issued by Forrester Research that provides a great deal of market research and insight into the challenges of the data center network supporting large-scale virtualization. The report provides a representative view about the types of obstacles organizations are facing and where they are making new investments, along with some recommended best practices. As usual, the application services infrastructure is one of the biggest challenges, i.e., how to replicate the layer 4-7 and security services that mission-critical applications require in a highly virtualized or hybrid cloud environment. While servers and networks have largely been virtualized, relying on physical firewalls or application controllers can undermine or limit the beneficial effects of virtualization.
Forrester starts by pointing out what benefits customers are looking for and where they see the greatest growth in virtualization going forward. Over the next four years, Forrester sees 500% growth in total virtual x86 workloads that will be hosted in private cloud IaaS (Infrastructure as a Service), where virtual servers are isolated between tenants, compared to 170% growth in private cloud pools in organizations’ own data centers. Forrester points out that overlooking virtual services can “negate private and public cloud investments”, however. 33% of their respondents indicated that they have difficulty integrating public services with internal virtual infrastructures, with 24% specifically citing “frustration with capability, agility and flexibility of traditional application delivery controllers (ADC)”. (see next table).
In a blog post earlier this year, I highlighted the Nexus 1010-X virtual services appliance announced at Cisco Live! in London, and why virtual services can be best deployed on a separate UCS-based appliance running NX-OS. The Nexus 1010 and 1010-X are dedicated platforms for hosting virtual service nodes, like the Nexus 1000V virtual supervisor module (VSM), virtual firewalls, and our virtual network analysis module (NAM). All these services run in virtual machines on the Nexus 1010, rather than taking up valuable resources on application servers, and allow for easier manageability by the networking and security teams (rather than the server team).
Continuing on the same theme, this week at Cisco live! San Diego (my how time flies between these shows!), web application firewall (WAF) manufacturer, Imperva, announced that their SecureSphere WAF would soon be available on the Cisco Nexus 1010-X virtual services appliance (Q4 CY 2012). This is the first third-party virtual service announced on either the Nexus 1010 or 1010-X appliance, and provides additional security capabilities on top of Cisco’s virtualization infrastructure for cloud applications. Read More »
A key component of Cisco’s Unified Data Center and our virtual networking portfolio is the Nexus 1010 virtual services appliance. We were excited last month when we announced a more scalable version, the Nexus 1010-X. As I pointed out before, the idea of a virtual services appliance is to provide a dedicated hardware platform for running a wide range of network services, monitoring and security virtual machines rather than having them share server resources with key business applications. From an administrative point of view, these network services VM’s can be managed by the networking team, rather than the teams running VM’s on the application servers, which is the right division of labor. The Nexus 1010 platform runs NX-OS and basically looks like a network device rather than a VM host, helping the network admins manage the service policies.
Now we are releasing a case study of an Italian service provider, FASTWEB, who is using the Nexus 1010 to simplify the management of their virtual network, and network service policies. As part of a sustained and forward looking strategy, the Italian service provider has built a next-generation network for delivering converged voice, video, data and mobile services. This investment has enabled FASTWEB to accelerate the creation of new, differentiated offers for business and residential customers, while reducing operational complexity and overhead.
The Nexus 1010 supports network analysis down to the VM layer, giving FASTWEB’s network administrators granular visibility to virtual workloads, without having to trouble the storage and virtualization operations teams.