By Ian Jansen Van Rensburg, Senior Systems Engineering Manager at VMware Southern Africa
Imagine a world where the enterprise and service provider data centre has consolidated and repurposed infrastructure resources. Where operational complexity has been reduced and dynamically aligned and where application infrastructure is scaled in response to business priorities. This is the world of server and storage virtualisation solutions and they are dramatically transforming the data centre landscape.
Already the enterprise and service provider data centre is realising the benefits of these server and storage virtualisation solutions as they deliver significant opex and capex savings. This is achieved through hardware independence, consolidation and automation. What’s even more promising is how much of their potential remains unharnessed thanks to antiquated networks and security operations.
The data centre is commonly plagued by a number of issues that can often limit the potential of virtualisation and the software-defined data centre. It still struggles with being rigid, complex, proprietary and closed to innovation, and it is not keeping pace with advances in server and storage virtualisation. Add to this the fact that networking and network services are out of step with virtualised hardware and storage, and it's clear why application deployment time and deployment risks are negatively affected. These need both compute and networking resources to thrive.
Software-defined networking is a mental leap for most enterprises, as it's a dramatic shift from the intensive realm of hardware switches, firewalls and routers. Instead, the operational model of compute virtualisation is brought to the network, which is now treated as a pool of transport capacity. Network and security services are attached to VMs through a policy-driven approach and are abstracted from the physical hardware topology.
To achieve this level of abstraction, the software-defined network is implemented through a network hypervisor that runs on x86 compute nodes and is tightly integrated with the compute hypervisor. The latter abstracts away the underlying compute resources while the former abstracts away the network hardware, thereby reproducing the entire network model in software and allowing any type of network topology, from simple to complex, to be created and provisioned in seconds.
This solution also allows the business to provide a library of logical networking elements and services that includes logical switches, routers, load balancers, firewalls and workload security. An isolated virtual network is easily created by developing custom combinations of these elements to suit. Of course, security is as essential as business agility and cost-effectiveness, and here the SDDC offers an attractive proposition.
Often, when a firewall is breached, the company doesn't have another method of protection to prevent the threat from attacking other machines inside the data centre. The SDDC allows internal resources to be protected individually with a honeycomb-style pattern of firewall protection. New rules, instantly applied to different firewalls, allow enterprises to trap and isolate threats before they can attack other machines. Each virtualised workload can have its own firewall, can be isolated from others and can be specifically protected from external threats. In addition, third-party security services can be added either dynamically or statically according to policy to create a security framework that can respond to threats with impressive dynamism.
The software-defined network is also capable of delivering unparalleled, contextualised management visibility of the logical and physical layers. It is about the abstraction, pooling and automation of traditional infrastructure services, and the value is clear. Now it is just up to the enterprise to recognise the economic benefits, the operational simplicity and the rich functionality that this provides.