SAN FRANCISCO -- Just weeks after closing its billion-dollar acquisition of network virtualization startup Nicira Networks, VMware unveiled enhancements to its homegrown network virtualization technologies at VMworld, but the company released no details about plans to integrate Nicira's technology.
The new VMware networking technologies include vCloud Networking and Security, a set of features that are part of VMware's new vCloud product suite. VMware also added new features to its vSphere Distributed Switch.
VCloud Networking and Security
VCloud Networking and Security combines several existing VMware networking technologies, including the Virtual Extensible VLAN (VXLAN) protocol, vShield Edge and vShield App. VXLAN allows customers to create a network overlay that abstracts physical network resources. And vShield Edge functions as a Layer 4-7 services node where customers can instantiate virtual firewalls, load balancers and other services, according to Milin Desai, VMware's director of product management for networking. vShield Manager orchestrates these elements, functioning much like a software-defined networking controller, Desai added.
VShield Edge has been enhanced with a VXLAN gateway, which adds new load balancing capabilities for HTTPS and TCP, high availability for redundancy, and an increased number of interfaces. Also, vShield App provides distributed firewall and data loss prevention capabilities within a vNIC.
More on VMware networking
vSphere vSwitch primer
vSwitch architecture best practices
vSphere networking features
The vCloud Networking and Security products form the networking pillar of a suite of cloud computing technologies that offers a VMware-centric alternative to open source cloud frameworks like OpenStack and CloudStack."All of this is combined with vCloud Director, which is part of the vCloud suite stack," Desai said. "It orchestrates compute, networking, storage, security and third-party services."
Jesse Morgan, architectural engineer for Charlotte, N.C.-based cloud provider Peak 10, said during a VMworld session on building clouds with software-defined networking that he has been evaluating vShield Edge as a new way to deliver firewall servicers to Peak 10's cloud customers. The new version of vShield Edge could replace the Fortinet appliances in Peak 10's data centers. Morgan said the beta version of vShield Edge is much more full-featured than previous versions, especially the expanded load balancing capabilities, the high availability features, and the increased number of interfaces (up to 10 in the last beta version).
"The challenges that vShield Edge solves for Peak 10 include reduced physical firewall sprawl, reduced Ethernet cross connects and dramatically reduced provisioning time for new customers," Morgan said.
A more robust vSwitch
VMware announced a variety of enhancements to its vSphere Distributed Switch (VDS), the pooled construct of its embedded hypervisor vSwitch, which is often criticized by networking pros for its lack of robust networking features. The VDS now has a Network Health Check feature, which monitors for configuration errors. VMware also added VDS templates that provide configuration backup and restore capabilities, as well as serves as a vSwitch configuration template mechanism.
The new version of VDS also provides a large number of network visibility enhancements, including ERSPAN and RSPAN port mirroring, IPFIX and NetFlow support, as well as SNMP support.
VDS will also support Link Aggregation Control Protocol (LACP), which will allow the vSwitch to establish port channels to upstream physical switches.
Where does Nicira fit? Stay tuned
Many of the new VMware networking and enhanced features overlap with the capabilities of Nicira's core product, the Network Virtualization Platform. Whereas vCloud Networking and security is native to VMware's virtualization technology, Nicira's product is more platform agnostic, with publicly available integrations into open source cloud orchestration platforms like OpenStack and CloudStack.
It remains to be seen how Nicira's and VMware's networking capabilities will be integrated. The $1.26-billion deal was closed on August 23, according to incoming VMware CEO Pat Gelsinger, who announced the closure during his VMworld keynote.
"VMware's software-defined networking capabilities and Nicira's products address the same customer pain point: the cost and complexity of provisioning networks and networking services in a cloud environment," Desai said.
While VMware's networking products are built and optimized for cloud environments built on vSphere and vCloud, Nicira's products are optimized for clouds built on KVM and Xen hypervisors with OpenStack or CloudStack cloud management platforms, he said. With both solutions, VMware will have the industry's leading software-defined networking capabilities for any cloud environment, he claimed.
During his VMworld session on "Nicira and the Future of Software-Defined Networking," Nicira co-founder and CTO Martin Casado shared a slide that was meant to articulate the future integration of VMware and Nicira products. He noted that the slide had been modified many times before VMware had approved it for the session and that more information had been cut each time. The final version depicted VMware and Nicira's products having been developed in parallel. The graphic was meant to show the products converging after the acquisition, with a roadmap for technology integration, but that part of the graphic was conspicuously blank. When pressed by session attendees to elaborate, he said it was far too early in the merger to speak about roadmaps.
"The internal roadmaps of both teams were very similar and complementary [before the acquisition]," Casado said. "And we're also looking forward to leveraging vShield Edge."
Let us know what you think about the story; email: Shamus McGillicuddy, News Director.