VMware, Inc. (NYSE: VMW), announced new advancements in VMware NSX that extend the value of an automated, programmable and intrinsically secure software-defined network to everyone involved in the new application-first world. With the latest releases of VMware NSX-T Data Center 2.4 and NSX Cloud, VMware helps architects, networking and security operators, and developers alike move beyond the rigid, inflexible and often insecure approach of hardware-defined networking to connect and protect applications wherever they reside. The newest release of NSX Data Center meets the virtual cloud networking needs of both enterprises large and small, and communications service providers can leverage the cloud-scale and performance of NSX-T Data Center to accelerate adoption of Network Function Virtualization (NFV).
Today’s rate of change in IT is undeniable. Cloud and containers are here, and applications, data centers, and users are not just anywhere, they are everywhere. According to Gartner, “by 2020, 75 percent of organizations will have deployed a multicloud or hybrid cloud model.” Additionally, Gartner expects that by 2025, 75 percent of enterprise-generated data will be created and processed outside a traditional centralized data center or cloud. Modern applications consist of many components and services that can sit on different clouds and infrastructures. The web and application layer may run on containers in the public cloud, while customer data may reside on a relational database in a private cloud. Account information may even reside on a mainframe system.
The Virtual Cloud Network is the future of networking, one based on a software-defined network architecture that spans all infrastructure and ties all these pieces together with one-click deployment. VMware NSX is at the heart of the Virtual Cloud Network, and delivering consistent, pervasive connectivity and security for apps and data wherever they reside, independent of underlying physical infrastructure. NSX is deployed in 82 of the Fortune 100 businesses and 70 percent of Fortune Global 500, and supports cloud connectivity and security across AWS, Azure, IBM Cloud and VMware Cloud on AWS. The networking virtualization platform is embedded in VMware Cloud Foundation, VMware Cloud on AWS, VMware Enterprise PKS, VMware vCloud NFV, Pivotal Application Service, and in the future AWS Outposts and VMware Project Dimension.
“App developers want a network that just works, that connects servers with a click of the mouse. This is what they get in the public cloud. VMware NSX brings this same experience to every cloud – public and private – with the Virtual Cloud Network,” said Tom Gillis, senior vice president and general manager, networking and security business unit, VMware. “With our newest release of VMware NSX-T Data Center, we have taken a major step forward in simplicity of automation, in hardware accelerated performance and in features that allow deployment at the scale of the largest clouds in the world.”
Network virtualization offers the only practical way to provide the one-click automated experience developers seek. By moving the complexity of policy enforcement into software, it can be predefined and deployed automatically, eliminating the traditional approach of generating a change request that is manually processed by a network engineer. This philosophy of treating the network infrastructure as code can result in immediate OPEX savings through reduced labor and enables much faster time to market for new applications. Network virtualization can also yield meaningful CAPEX savings. Once network boundaries are defined in software, VMware NSX can optimize workload placement across a much larger pool of physical resources. This unlocks capacity that was “stranded” in a hardware-based network segment or VLAN. VMware has developed a tool that measures this CAPEX savings, and across several thousand enterprise customers, VMware has shown an average of 35 percent reduction in CAPEX required once the network is virtualized.
With the latest release of VMware NSX-T Data Center and NSX Cloud, VMware is delivering the following game changers for customers:
Operational Simplicity for Network Operators:†NSX-T 2.4 accelerates Day 0 installation to Day 1 provisioning of a software-defined network from days to minutes, and significantly simplifies Day 2 networking operations for administrators. NSX-T brings a new user interface (UI) built on HTML5 that gives customers a simpler network management console compared with alternative solutions. The UI provides prescriptive guidance to reduce the number of clicks and page hops required to complete configuration tasks. NSX-T now also includes installation enhancements such as Ansible modules that enable automation of installation workflows. NSX-T enables customers to provision new networks and services with a single API call or a few clicks, making NSX the industry’s simplest way to manage an application-centric, software-based network.
†††††††††††††
Network Infrastructure as Code for Developers and DevOps Teams:†NSX-T 2.4 features a new declarative API model that simplifies network automation using human-readable JSON configuration. Operators can now move to a holistic, application-focused approach to automating configuration of the network. This approach eliminates the use of a tedious list of commands that can lead to human error in network configuration. VMware NSX takes in simple, user-defined terms about an application’s required connectivity and security. These policies can then be replicated easily and applied consistently across platforms, simplifying operations and allowing IT teams to scale to new levels.
Advancing Cloud Scale and Carrier-Grade Capabilities for Cloud and Network Architects:†NSX-T now supports higher levels of cloud-scale, resiliency, and performance, with near line-rate speed using a DPDK-based hardware-accelerated data plane, high availability with clustered management plane nodes, and scalability to tens-of-thousands of unique networks per NSX-T instance. Support for IPv6 meets a critical requirement of cloud-scale networks for both enterprises and service providers, and NSX-T can now scale to hundreds of thousands of routes, over a thousand hosts per NSX domain, and with high-scale multi-tenancy. With the addition of Network Service Header (NSH)-based service chaining, service providers can deliver new services faster while significantly reducing CapEx and OpEx. Leveraging the IETF SFC framework and defining the service chain through NSH makes service provider networks more efficient, programmable and flexible.
†††††††††††††
Intrinsic Security for Security Operators and Architects:†NSX-T significantly shrinks the application attack surface and helps reduce risk to the business by building policies around the application, wherever the application runs, across VMs, containers and bare-metal servers, and across on-premises or cloud environments. NSX-T 2.4 goes beyond basic zone segmentation and micro-segmentation and supports L7 application awareness, identity-based firewalling, agentless endpoint protection via third-party integrations and service insertion to build a robust security posture built around application context. NSX-T 2.4 introduces a new level of analytics and visualization with a new management dashboard and UI, as well as support for Splunk and VMware vRealize Log Insight.
Customer and Partner Commentary
“At the University of Idaho, we have a cloud-first strategy that lets us take advantage of public cloud infrastructure where appropriate,” said Brian Jemes, Network Manager, University of Idaho. “NSX Cloud enables us to drive consistent security across AWS, with the ability to extend the security policies we create into any other cloud and our on-premises VMware environment in the future. NSX Cloud dramatically simplified our security policies, reducing the number of lines of code it took to write a security policy by more than 80 percent and making it easier to update policies in a single location and deploy those policies in a click of a button across our hybrid cloud environment.”
“In IBM’s experience of working with thousands of global businesses across every major industry, enterprises want to take a hybrid approach to modernize and migrate applications seamlessly and with security across on-premises, private and public cloud environments,” said Simon Kofkin-Hansen, Distinguished Engineer, Director and CTO, IBM Cloud for VMware Solutions. “To help simplify the journey to hybrid cloud, IBM has validated NSX-T as a supported network stack for IBM Cloud Private Hosted, and VMware NSX-T 2.4 is providing a unified networking solution that bridges IBM Cloud Private Hosted and the IBM Cloud Kubernetes Service.”