Agenda
- NSX 201 cross centre metro cluster, data centre migration / DR use case
- NSX futures – distributed network encryption, management of containers, securing multiple clouds
- VMware strategy for the cloud native applications and dev ops
- Deep dive on Photon, lightwave, container management
NSX Discussion
How does NSX protect against bank attach or Twitter hack
NSX micro segmentation (isolation of apps) ..DFW
3rd party integration like trend , Mcafee .. Steer traffic for layer 7 traffic.. For malware inspection.. Security tag VM.. It tells NSX to automate a policy, possible a quarantine policy
3rd party’s develop the tags ( protects against bank attach or Twitter hack etc ). NSX relies on the 3rd party NSX tags to apply a policy. NSX does have some features for tagging using activity monitoring an VM tools. VM tools can see what is running within the VM.
DMZ anywhere .. How long to provision a VM web facing and secure. NSX can spin it up instantly.
Secure user environment ..
Overlay virtual networking ( abstract )
Stretch across sites
Tunnelling ( change from vLans etc )
Logical layer 2. Packet in envelope. Encapsulate the traffic.
Vxlan
NSX is distributed across hosts rather than all going via a central physical firewall.
Develop cloud – Strategy vRealise but also others such as openstack
Others doing networks , Neutron in theory not as scale able. Challenge is abstraction layer.
Time to setup a PoC!!!
VMware do a NSX 2 day training
Containers – Cloud Native Apps
Contains, Windows 2016 ,G1 -> G2 -> G3 photon
Challenges with containers
Containers sit in the same user space on the same VM. Deploy multiple containers only appear as one VM in vcentre.