Networking and Securing the Virtual Datacenter

VMware vCloud Networking and Security provides rich networking and security functionality for virtualized compute environments, built using the vCloud Suite. It provides a broad range of services delivered through virtual appliances, such as a virtual firewall, virtual private network (VPN), load balancing, NAT, DHCP and VXLAN-extended networks. These foundational capabilities for the vCloud Suite enhance operational efficiency, improve agility with control and enable extensibility to partner solutions.

vCloud Networking and Security is deployed on top of vSphere Distributed Switch (VDS). VDS enables centralized network provisioning, administration, and monitoring using cluster-level network aggregation for data center access switching. VDS enables individual host-level virtual switches to be abstracted into a single large VDS that spans multiple hosts at the data center level, with vCenter Server™ acting as the control point for all configured VDS instances.

vCloud Networking and Security components:

  • Edge Virtual Appliance – Provides networking and security gateway services, such as firewall, NAT, load balancer, VPN and DHCP. Edge High Availability protects against network, host and software failures.
  • App Firewall – Segments and isolates critical applications within the virtual data center using vNIC-level firewalling.
  • VXLAN – VXLAN, in conjunction with VDS, creates Layer 2 logical networks that are encapsulated in standard Layer 3 IP packets. A large number of isolated Layer 2 VXLAN networks can co-exist on a common Layer 3 infrastructure. These logical networks can span non-contiguous clusters or pods, without the need for VLANs, enabling customers to scale their applications across clusters and pods. VXLAN requires multicast to be turned on in Top of Rack (ToR) switches.
  • Data Security – Scans virtual workloads for sensitive data and reports regulation violations so you can quickly assess the state of compliance with global regulations.
  • vCloud Ecosystem Framework – Integrates partner services at the vNIC, virtual edge or policy management plane through REST APIs.

Management integration with VMware vCenter Server™ and VMware vCloud Director® reduces the cost and complexity of datacenter operations. With vCloud Networking and Security, enterprises can virtualize business-critical applications with confidence, secure VMware View deployments and build secure and agile private clouds.

With select vSphere editions, VMware includes vShield Endpoint to secure your virtual machine endpoints with highly efficient anti-virus and data security. vShield Endpoint works in conjunction with industry-leading security vendors, allowing their technology (implemented as virtual appliances) to protect endpoint virtual machines without resource-sapping agents. vShield Endpoint applies security at the hypervisor layer, using introspection to monitor memory, network traffic and storage in every virtual machine. vShield Endpoint is virtualization-aware security that is more scalable, more efficient and simpler to manage than legacy agent-based approaches designed for physical machines.