August 27, 2019 / By VMware PR
Network, Telco, and Edge: Innovation for Our Multi-Cloud World
Chris Wolf, Vice President & CTO, Global Field and Industry, VMware
When managing applications and data in a multi-cloud world, there is no more important architectural decision than the network. We learn early in our IT careers that if users can’t access an application, “just blame DNS!”
All fun aside, the decisions about how to architect and operate networks have a major impact on:
- Business critical applications
- User and customer experience
When you factor in the accelerated pace of app and service deployments — and an increasingly dynamic security threat landscape — network agility is more critical than ever.
This is why VMware continues to advance our Virtual Cloud Network vision - a fully software-defined networking fabric that spans clouds, data centers, and edge — the must-have architecture design for our multi-cloud world.
Today’s VMworld news advances our Virtual Cloud Network vision. Here are the big-ticket innovations:
Introducing VMware NSX Intelligence
NSX Intelligence is a new distributed analytics engine built natively into VMware NSX-T. The solution provides continuous, data center-wide visibility for network and application security teams. NSX Intelligence is intrinsic to the network fabric.
Here are three important technical differentiators:
1. Native Security
NSX Intelligence is built into the hypervisor, simplifying operational management. It also provides a distributed analytics architecture far more difficult to attack or subvert than traditional taps.
2. Distributed Analytics to Each Host
The distributed analytics model offers massive inline processing capacity with lower costs and latency. This approach helps eliminate traffic duplication, network degradation, or the need for a parallel analytics network.
3. Comprehensive Analysis
With NSX Intelligence, you can inspect every packet from every workload without sampling, all while converging multiple security controls into a single platform. This, in turn, helps eliminate security blind spots and accelerates security incident remediation.
In the initial release, we expect organizations to use NSX Intelligence to address the following primary use cases:
- Automate micro-segmentation and firewalling at scale
- Demonstrate and maintain policy compliance
- Simplifying security incident troubleshooting
NSX Intelligence is a transformative solution. To learn more and dive deeper into the technology, visit https://www.vmware.com/go/networking-security-stack.
VMware NSX Advanced Load Balancer
The new VMware NSX Advanced Load Balancer (previously Avi Networks Platform) is a distributed application delivery controller (ADC). It’s purpose-built to scale and run anywhere — from the cloud to the data center to the edge.
Using one centralized interface, customers can dispatch services like load balancing and intelligent web application firewall (iWAF) to any application on any cloud running on virtual machines, containers, or bare metal.
In essence, your ADC can be literally anywhere your applications run, now and in the future.
To learn more about NSX Advanced Load Balancer, see this blog post.
VMware vRealize Network Insight Expands Intelligence to the Cloud
vRealize Network Insight and NSX Intelligence work together to deliver comprehensive visibility, analytics, and troubleshooting to improve Virtual Cloud Network operations.
The latest release of vRealize Network Insight provides visibility and troubleshooting for physical and virtual infrastructure stretching from the data center to the network edge, with new support for:
- VMware SD-WAN
- VMware Cloud on AWS
- Microsoft Azure
vRealize Network Insight 5.0 enhances NSX operations management by extending the PCI Compliance Dashboard for NSX-T. It also detects audit changes for firewall rules and tracks Virtual Tunnel Endpoint (VTEP) latencies.
NSX-T 2.5 Brings Several New Capabilities
NSX-T is the industry’s only network and security platform delivered completely in software. New enhancements to NSX-T include:
- A Native Cloud Enforcement mode that allows organizations to better secure public cloud workloads using native cloud security controls.
- FIPS 140-2 compliance.
- The ability to apply Layer 7 application ID-based or context-aware rules to the NSX edge (gateway) firewall for north-south traffic.
- Support for Layer 7 application ID-based distributed firewalling in KVM environments.
- VPN Enhancements for multi-tenancy.
- Packet mirroring for east-west traffic monitoring via Service Insertion.
For more information on NSX-T 2.5 enhancements, see “NSX-T 2.5: A New Marker on the Innovation Timeline.”
Uhana Adds Real-Time Deep Learning Engine to our Portfolio
We are excited to welcome Uhana into the VMware family. Uhana built a real-time deep learning engine that optimizes the telco network experience. Key emerging and vertical use cases, include:
- 4K video
- Interactive gaming
- Augmented and virtual reality
- Personal IoT
- Connected cars
We see three primary functions for our customers:
- Observe. Scalable real-time ingestion analytics learn what is happening in real-time at fine granularity.
- Predict. Uses recurrent neural networks to forecast, anomaly detect, and provide root cause analysis.
- Control. Uses deep reinforcement to learn to control the network and application knobs to optimize networks and slices.
For more information, see “VMware To Add Uhana to Telecommunications Portfolio, Harnessing the Power of AI for Mobile Networks.”
VMware Integrated OpenStack Adds Kubernetes Support
With Kubernetes support in OpenStack, communication service providers finally have a cloud native platform for container-based applications and services.
We’ve also added some other significant features to OpenStack, including:
- Multi-tenant operational views and dashboarding in vRealize Operations.
- Native NSX-T Data Center integration.
- Dual IPv4 / IPv6 Control Plane / Data Plane configurations.
- Accelerated DPDK-Data Plane performance.
- Multipath NSX-T Networking support (N-VDS).
- Highly available control plane.
Let’s Do This!
As you can see, our Virtual Cloud Network vision is stronger than ever.
- We provide the flexibility to manage L2-7 network services practically anywhere, regardless of underlying network hardware.
- Deep insights offer visibility, automation, and intrinsic security.
- Best of all, with our portfolio of software-defined network solutions, you can start small.
Perhaps begin with a new Kubernetes initiative. Or build institutional knowledge by using our architecture with a small number of applications. Then, start to scale as your team’s comfort with the technology improves.
Make no mistake: This is a fundamental shift in how we architect and manage networks and security.
It’s not just VMware’s vision. It’s an industry inevitability, with major hyperscalers taking a similar, modern, purpose-built architectural approach. The primary difference with our approach is that we are multi-cloud and multi-data center by design.
Together, we can fundamentally transform networking to be more agile, intelligent, secure, and resilient than ever.