NSX scenariji Jelena Tatomirović, rež i i že jer Mila Vujo ić, rež i i že jer
Virtualiza ija u da aš je data e tru Applications Compute Storage Networking
Zašto je virtualiza ija reže it a? 3
NSX komponente CMP Consumption NSX Manager Management Plane NSX Controller Control Plane Run-time state NSX Edge Data Plane NSX vswitch Self Service Portal vrealize Automation Etc. Single point of configuration REST API and UI interface Decouples virtual networks form physical topology Not in Data Path Highly Available Highly Available form factor Data Plane for N-S traffic Routing and Advanced services Intelligent network edge Line Rate performance Hypervisor Extension Modules VDS VXLAN Distributed Firewall Logical Router 4
NSX rež i odel ove ge era ije Routing Load Balancing Switching Firewalling/ACLs
Šta se do ija uvođe je NSX-a? Bezbednost Automatizacija Kontinuitet aplikacija (DR)
Bezbednost virtuelne infrastrukture Mikrosegmentacija Bezbednost krajnjih korisnika DMZ bilo gde Web App DB
Bezbednost i VDI Traditional Data Center Web 1 4 Eng App 1 4 Eng Web 2 4 Eng App 2 4 Ext1 Web 1 4 Ext1 App 1 5 Ext2 Web 2 4 Ext2 App 2 5 Eng net 4 Exter al * Web 1 4 Exter al * Web 2 4 App 1 APP1 APP2 APP2 VLANs Web 2 NSX Data Center Eng APP1 Web 1 Eng Web 1 App 1 Web 2 App 2 Engineering App 2 External Contractor 1 External Contractor 2 Engineering External Contractor 1 External Contractor 2 Engineering External Contractor 1 External Contractor 2
Inteligentno grupisanje epodrža ih OS Smanjiti rizik koji nose operativni sistemi koji nisu podrža i od stra e proiz ođača pr. Wi do s Ser er Unsupported OS Group
Automatizovana sigurnost u SDDC-u Security Group = Quarantine Zone Members = {Tag = ANTI_VIRUS.VirusFound, L2 Isolated Network} Policy Definition Security Group = Web Tier Standard Desktop Policy Anti-Virus Scan Quarantined Policy Firewall Block all except security tools Anti-Virus Scan and remediate 10
Automatizacija IT Automating IT Developer Cloud Multi-tenant Cloud Web App DB BLUEPRINT
Brzo kreiranje aplikacija iz template-a Dynamic Configuration and Deployment of templated application (NSX and vrealize Automation) NSX vrealize Automation On Demand Application Delivery Service Catalog Logical Switch Resource Reservation Web Logical Router Cloud Management Platform Logical Firewall Database Multi-Machine Blueprint Logical Load Balancer App Security Policies Security Groups Network Profiles 12
Kontinuitet aplikacije M M M M Disaster recovery Multi DC pooling Cross Cloud Data Center 1 Data Center 2
Multisite networking and security Secure, High Availability, Distributed, Virtualized Resource Pool Universal Distributed Logical Router Site-A Web Site-B App D B vcenter-a App D B vcenter-b Web Local Storage Local Storage <150ms 14
Disaster recovery APP APP APP APP Recover APP APP APP Disaster Recovery Data Center 2 Data Center 1 Always Synchronized Compute Network Storage Compute Network Storage No IP change, Instantaneous Availability of Apps upon Disaster Failover of Logical Switching, Routing & Firewall Rules 15
Implementacija NSX-a u NSX bez overlay reže NSX e adžer vcenter server Bez VXLAN-ova Bez izmene MTU vrednosti ali okruže ji a NSX sa overlay režo (Full stack NSX) NSX e adžer vcenter server 1600 byte MTU 3 NSX kontrolera 2 NSX EDGE-a (HA/ECMP)
Pitanja?
NSX monitoring i upravljanje NSX Flow monitoring NSX Traceflow vrealize Log Insight VRNI vrealize Network Insight
vrealize Network Insight Transformative Operations for NSX based Software-Defined Data Center Plan Microsegmentation Deployment and Ensure Compliance Optimize Network Performance with 3600 Visibility & Analytics Ensure Best Practices, Health and Availability of NSX Deployment Across Virtual, Physical and Cloud 9
vrealize Network Insight A aliza sao raćaja data e tra: East-West, -to-, -to-physical, Switched, Routed.. Detalj i statistički poda i o s i sao raćaja tipo i a
Hvala na paž ji! Pitanja?