[OpenStack Days Korea 2016] Track2 - Collaboration Between Virtualized Networks and the Cloud
이호석, General Manager
Sr. NSX Specialist Engineer
Networking & Security Business Unit
Collaboration Between Virtualized Networks and the Cloud
Virtual Network & Cloud
Positioning of Virtual Networks with Cloud platforms
We are in the 3rd fundamental structural transition in the history of IT
Cloud Computing (We are here)
Mainframe
PC Revolution
Client/Server
Cloud
• Mobile Devices & Clouds (public & private)
• Software Defined
• Local Applications
• Minor role for networking
• Desktops & Servers
• Campus Networks
• Data Centers
Clouds are the New Silos
IT Department Nightmare: Different teams, different technology stacks, different security & compliance
[Figure labels: On-Premises Datacenter, Web Portal, Retail App, Big Data]
Tomorrow’s Networking
Connect and Secure Applications across Private and Public Multiple Clouds
Connect & Secure
• Create private networks within or across clouds
• Define logical switches and routers
• Use firewalls to segment applications
• Service Insertion
• Distributed Enterprise Edge
“NSX on Public Cloud”
NSX supported on major public cloud – AWS and Azure
– Hybrid Cloud and pure Public Cloud deployment options
– Support both Linux and Windows Guest VM
– Extend existing network and security services to Cloud
Product is sold and supported by VMware
– Purchasing through existing direct & indirect channels
– Licensing is based on VM count & socket to VM count
– Cloud Marketplace and usage based license
Extend integration with public cloud tools and APIs
– Support CloudFormation, OpsWorks, Management Portal
– Co-existence with cloud provider native tools and products
Key Concepts
Example: NSX for OpenStack and Amazon Web Services
Native support for AWS instances with coherent services and security posture for on and off-premise
[Figure labels: AWS Cloud, Data Center, Web Server, HR Server, Internet]
Developer
Launches instances via Amazon console
Amazon Web Services
• Native AWS Server instances (AMIs)
• Added to NSX virtual networks via policy
On-Premise NSX/vSphere
• AWS instances are added to logical switch
• Consistent security posture on-premise and in cloud
• AWS instances leverage services …
IT Administrator
Defines network and security policy
On-Prem Data Center (Today)
Containers (2016)
Public Clouds (2016)
Virtual Desktop (VDI)
Mobile Devices (AirWatch)
Internet of Things (Roadmap)
Branch Offices (Partner)
Networking is Evolving
• H/W networks no longer under IT control (e.g. mobile, IoT, public clouds)
• Challenge is security, compliance and QoS
NSX Everywhere
• An overlay to manage network policy
• Spans many types of underlying networks
• Transparent app-level security across clouds
Example: NSX for OpenStack and beyond…
Managing Security and Connectivity for many Heterogeneous End Points
Provides A Faithful Reproduction of Network & Security Services in Software
• Management APIs, UI
• Switching
• Routing
• Firewalling
• Load Balancing
• VPN
• Connectivity to Physical Networks
• Policies, Groups, Tags
• Data Security
• Activity Monitoring
Cloud Consumption
Data Plane
NSX Edge
ESXi Hypervisor Kernel Modules
Distributed Services
• High-Performance Data Plane
• Scale-out Distributed Forwarding Model
Management Plane
NSX Manager
Control Plane
NSX Controllers
Firewall
Distributed Logical Router
Logical Switch
Logical Network
Physical Network
DLR Control VM
netcpa
vsfwd
VMware NSX Architecture and Components
vCenter Server
• Control-Plane Protocol
• Provides Separation of Control and Data Plane
• L2, L3 Data Plane Programming (VXLAN, DLR)
• Single configuration portal
• REST API entry-point
• Provides Registration of 3rd Party Services
• OpenStack
…
…
• Provisioning and Management of Network and Network services
• Cluster & ESXi Host Preparation
• Network Services Configuration
• Logical Services Consumption
NSX Manager
NSX Manager 1:1
Management Plane
VIO / vRA / Custom CMP
vCenter Server
NSX REST APIs
vSphere APIs
3rd Party Management Console
NSX Manager Plugin
Centralized Configuration via NSX Manager
vSphere Web Client Plugin
VMware NSX – Management Plane Components
IT Process Automation
[Figure labels: Management APIs, UI; Policies, Groups, Tags; Switching; Routing; Load Balancing; Connectivity to Physical Networks; Firewalling; VPN; Data Security; Activity Monitoring]
Automation for IT department
Multi-tenant environment
Business Value
Reduce the infrastructure provisioning time from weeks to minutes.
Cloud developers
Provision of an IT environment that keeps pace with business speed.
Application continuity
Data Center – Anywhere
Data center #1
Disaster Recovery
Metro pooling
Hybrid Cloud
Networking
Business Value
Up to 80 percent reduction in RTO
Data center #2
Cloud
If AWS is Primarily Used for Infrastructure as Code
Tools app owners/developers use TODAY
vRA
[Figure labels: Provision Infrastructure (with code); Application Code]
Application Owner/Developer-Centric IT tools
Success
• Easy Consumption - API
• Ecosystem - Tools/Knowledge
• Developer Autonomy
• Production Workloads
Challenges
• AWS Lock-in
• Cost – Long-Lived VMs
• Data Sovereignty
• Differences Dev/Test/Prod
Success
• Same as AWS +
• Vendor Neutral API
• Everything on premises
• Dev = Test = Prod
Challenges
• Perceived Stability
• Choice/Snowflakes
• Perceived Expertise Req’d
• No Governance
VMware Integrated OpenStack
• OpenStack Distribution*
– Not a “proprietary distribution”
– OpenStack API compliant (DefCore**)
• Preconfigured drivers and plugins for VMware infrastructure technology
– vSphere
– NSX
– VMDK (VMFS, NFS, VSAN)
• Free license to use with vSphere Enterprise/Plus
*VIO 2.0 Based on Kilo Edition
**https://wiki.openstack.org/wiki/Governance/DefCoreCommittee
***Includes vSphere, NSX, VIO for one location
vSphere | NSX | VMDK
VIO
OpenStack APIs
VMware Plugins
OpenStack Stability Concerns
• Separate the OpenStack “framework” from the infrastructure
• Stability issues:
– OpenStack Framework Maturity
– Open Source Infrastructure Maturity and Skillset
– Four new technologies to learn
• Stability obtained through:
– VMware Infrastructure Technology (vSphere/NSX)
– Consistent Framework Deployment
An OpenStack cloud is only as reliable as the infrastructure underneath it
3,000 combinations of compute, network, storage drivers…
[Figure labels: Framework + Infrastructure; Developer Tools; Framework; Compute | Network | Storage; OpenStack APIs; vSphere | NSX | VMDK; VIO]
NSX Customer and Business Momentum
• NSX Customers: 1200+
• Production Deployments (adding 25-50 per QTR): 250+
• Organizations have spent over US$1M on NSX: 100+
Stats as of end of Q4 2015