Introduction to Network Virtualisation
This is a featured blog from Frontline Technical Consultant, Chris Beckett.
In my last post, I went over some of the fundamentals of virtualisation that often get lost or forgotten about in discussions on IT (and business) strategy. One new addition to the virtualisation landscape is network virtualisation.
What is it? Well, let’s have a look at a high level!
Network virtualisation is the abstraction and “containerisation” of networking services and security, bringing in the likes of routing, switching, firewalling and other services within the realm of the VMware vSphere environment. What does that mean in reality? Well that means you will still require the physical network “plumbing” to pass data around and upstream to the internet, but with network virtualisation we can do a lot of that work now within the vSphere environment.
VMware’s solution to network virtualisation is a product called NSX. At a basic level, this introduces new drivers or “VIBs” at the host hypervisor level that perform routing and switching decisions, meaning traffic between two virtual machines on the same host never leave the host, even if they’re on different subnets or VLANs. The net effect is more efficient traffic flow, a reduction of traffic on the physical wire itself and the ability to start reducing spend on very high end networking equipment as the load placed on them can now be reduced.
One highly useful feature of NSX is the notion of “micro-segmentation”. A technical term that basically means each virtual machine is secured not only from threats at the network perimeter, but also from threats within the internal network, sometimes within even the same host or virtual switch. By achieving this with software, cost and complexity is reduced, baking security in as standard when deploying applications and services. VMware have published a white paper on micro segmentation here.
NSX can also help improve service agility in the sense that when a service or application is now deployed, there is no longer a wait while firewall policies are applied by the security team for example, as existing NSX policies can be applied at VM deployment time to enable the correct level of security, firewall access etc. Bringing management of networking functions into the vSphere Web Client also permits secure role based access for administrators with the lower learning curve of a management interface already well understood by vSphere administrators.
The fact that a broad variety of customers from cloud providers to education customers to sportswear manufacturers have already deployed NSX and are reaping the benefits shows that network virtualisation is here to stay. You can read more NSX customer success stories here.
If you are interested in seeing what NSX can do for you, please feel free to get in touch for a no obligation discussion!
Frontline is pleased to announce that we have recently achieved the Network Virtualisation partner competency with VMware. We are one of only a few partners to achieve this competency in the UK and this adds to the 4 new VMware competencies we have achieved over the past 3 months. We are looking forward to becoming one of the leading VMware and virtualisation partners in the UK.