The Evolution of Virtual Mentality
© Hosting.com | This document is confidential and proprietary.
THE EVOLUTION OF VIRTUAL MENTALITY
Darrell Hyde, Director of Architecture, Hosting.com
Our Foundation
* 2012 Deployments
* 2012 Deployments
* 2013 Deployments
Cloud Enterprise Overview
* Launched in 2009
* Built on VMware vSphere 5
* Powered by:
  * Juniper MX / EX Routing and Switching
  * EMC CX4 and VNX Storage
  * Dell R-Series Servers
* Supporting over 2600 VMs across over 180 physical servers
* Distributed across 5 locations
VIRTUAL MENTALITY 1.0 VS. VIRTUAL MENTALITY 2.0
Virtual Mentality 1.0
* Adapt old service delivery mechanisms to fit virtual infrastructure
* Treat virtual machines like physical machines
* Force customers to understand physical network topology
Service Delivery Goals
* Complete service parity
  * Firewall + IDS
  * VPN
  * Load Balancing
* Hybrid from the start
  * Customers can spin up VMs in existing VLANs
  * New VMs can live behind existing firewalls
  * New VMs can live in existing SLB pools
How did we get there?
What problems did this create?
* Complicated layer 2 topology
* “You guys have a lot of VLANs.”
* Pain for customers who want to adopt in-line services
* Increased operational overhead
* Tight coupling of services with network topology
* High rate of change
Virtual Mentality 2.0
* Leverage the hypervisor to offload services
* Less dependency on network topology
* Simpler provisioning experience for customers
Cloud Firewall
* Security policy decoupled from network topology
* Customers can provision and manage the product independent of network topology
* Zero-impact install experience
* Self-service user interface
Best of Breed Technology and Approach
Purpose Built Virtual Security
[Diagram: three approaches to securing VM1, VM2 and VM3 on an ESX/ESXi host, each shown above the hypervisor]
1. VLANs & Physical Segmentation: Complex VLAN networking; lacks hypervisor visibility; high overhead
2. Traditional Security Agents (regular thick agent for FW): Tedious agent installation on each VM; significant performance issues
3. Virtual Security Layer: Seamless hypervisor integration; optimized performance; dynamic security
Hosting.com Cloud Firewall
Shared Customer Pod
Easily Scales to Support Growth
Provides Additional Security at Layer 2
User Experience
1. Simple ordering process
   * Less than 15 clicks from order to secure
   * Ready to manage in less than 10 minutes
2. Group VMs based on role or application
3. Create policies
Step 1: Ordering
Step 2: Create groups
Step 3: Create policies
Conclusion
• Hypervisor isn’t just another endpoint on your network – it’s an extension of it
• Customers think of security in terms of applications, not networks
• Virtualization allows you to decouple services from the network
Questions?
Darrell Hyde – [email protected]
Thank you!