Cisco Virtual Network Management Center (VNMC)
Published in: Technology
  • This diagram depicts the key elements from a management standpoint that are required for IT-as-a-Service, regardless of the business applications and IT services delivered – whether it’s for a dev and test environment for your SAP applications team or a production environment for Oracle database hosting. This framework is similar to the architecture for private cloud recommended by analyst firms like Gartner and Forrester. We’re not trying to replicate all of the existing IT management systems (like your existing service desk / ticketing systems and CMDB) that you use to run your legacy data center environments. Instead, this diagram represents the new capabilities necessary for IT-as-a-Service; the mandatory requirements for this new approach include a self-service portal and orchestration, together with policy-based infrastructure resource management.

    At the top level of the diagram you have the self-service portal, with on-demand provisioning from a catalog of standardized IT options, governance and approvals, as well as tracking the lifecycle of service usage to prevent sprawl and to enable chargeback or showback. This portal can provide users with a unified online “menu” of options for requesting IT services, whether the infrastructure resources are hosted in your own data centers or potentially sourced externally in a hybrid cloud model.

    From an automation and integration standpoint, you need to combine the portal with an orchestration engine that can provision the requested service and the underlying infrastructure – with policy-based infrastructure resource management and controls across a shared pool of compute, storage, and network resources, whether physical or virtual.

    And finally, although IT-as-a-Service demands a new approach, it must complement your legacy systems and management tools. So this new management approach needs to integrate with the existing IT environment for operational processes including monitoring and service assurance, configuration management and a CMDB, as well as business processes like user management in your directory systems and financial management, whether you start with a showback model or evolve to pay-per-use billing and chargeback.
  • Transcript

    • 1. Cisco Virtual Network Management Center (VNMC): Device and Policy Management of Cisco Network Virtual Services
      © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
    • 2.
        • Problem Statement and Vision
        • N1K, VSG, ASA1000V Overview
        • VNMC Benefits and Differentiators
        • Resources
    • 3.
        1. VMware vMotion moves virtual machines across physical ports, and the network policy must follow this migration (across racks, pods, and data centers)
        2. Administrators must view or apply network and security policy to locally switched traffic
        3. Administrators need to maintain segregation of duties while helping ensure nondisruptive Port Group operations
        4. Organizations need a VLAN-agnostic solution to decrease complexity and enhance scalability
        Diagram labels: Security Administration, Server Administration, Network Administration
    • 4. IT-as-a-Service Requires a New Management Approach
        Diagram layers, top to bottom:
        • Business Applications and IT Services
        • Self-Service Portal and Orchestration: On-Demand Provisioning, Service Governance, Lifecycle Management, Service Catalog, Integration and Automation
        • Operations Support Ecosystem: Service Assurance, Compliance, Configuration Management, …
        • Business Support Ecosystem: Pay-Per-Use Billing, Customer Management, Financial Management, …
        • Infrastructure Resource Management: Pooled Resources, Seamless Physical-Virtual, Policy-Based Compute (Service Profiles), Policy-Based Network (Network Containers), Physical-Virtual, Multi-Hypervisor, Dynamic Network Provisioning
        • Compute, Storage, Network
    • 5.
        • Lower TCO by having a single integrated development
        • Common UX and operational flows
        • Common model to enable federated access to Cisco network virtual services in the cloud
        • API-accessible abstraction layer simplifies cloud infrastructure management for customer and partners
        • Part of the N1K architecture, manages the VSG and ASA1000V security products
        • Addressing Enterprise and Provider needs in a self contained multi-tenant environment
    • 6.
        • Accelerate virtualization and multi-tenant cloud deployments
        • Integrated into VMware vSphere hypervisor
        • Provides advanced virtual machine switching using .1Q switching technology
        • vPath and VXLAN technologies
        • Built on Cisco NX-OS
        • Provides: policy based VM connection, mobile virtual machine security and network policy, and a non-disruptive operational model
        Diagram labels: VM (four instances), 1000V VEM, vSphere, Server, 1000V VSM, Physical Switches
    • 7.
        Virtual Security Gateway (VSG)
        • Context aware Security: VM context aware rules
        • Zone based Controls: Establish zones of trust
        • Dynamic, Agile: Policies follow vMotion
        • Best-in-class Architecture: Efficient, Fast, Scale-out SW
        Virtual Network Management Center (VNMC)
        • Non-Disruptive Operations: Security team manages security
        • Policy Based Administration: Central mgmt, scalable deployment, multi-tenancy
        • Designed for Automation: XML API, security profiles
    • 8.
        • Built using Cisco® ASA infrastructure
        • Interoperability with Cisco VSG through service chaining
        • VXLAN gateway
        • Multi-tenant management through Cisco VNMC
        Features listed: IPsec VPN (site to site), NAT, DHCP, Default gateway, Static routing, Stateful inspection, IP audit
    • 9.
        • Proven Cisco® security: virtualized physical and virtual consistency
        • Collaborative security model
            ̶ Cisco Virtual Secure Gateway (VSG) for intra-tenant secure zones
            ̶ Cisco ASA 1000V for tenant edge controls
        • Transparent integration
            ̶ With Cisco Nexus® 1000V Switch and Cisco vPath
        • Scale flexibility to meet cloud demand
            ̶ Multi-instance deployment for scale-out deployment across the data center
        Diagram labels: Cisco® Virtual Network Management Center (VNMC), Tenant A, Tenant B, VDC, vApp, Cisco VSG, Cisco ASA 1000V, Cisco vPath, Cisco Nexus® 1000V, Hypervisor
    • 10.
        • Multi-Tenant: Different customers and different needs
        • Security Profiles: Simple, policy-based security configuration
        • Stateless XML API: Ready for third-party integration
        • Role-Based Access Controls: Different users and different privileges
        • Cisco Nexus® 1000V and VMware vCenter: Port profiles refer to security profiles
        • Dynamic Provisioning: One-stop configuration of network and security
        • Custom created to manage virtualization-specific workflows
        Other slide labels: Scalable, Expandable, Partitionable, Integrated, Automated
    • 11.
        • Single tenant can have up to three organizational sublevels
        • Each sublevel can have multiple organizations
        • Overlapping network addresses across tenants are supported
        Diagram (organizational hierarchy): Root; Tenant Level (Tenant A, Tenant B); vDC Level (DC 1, DC 2, DC 3); vApp Level (App 1, App 2); Tier Level (Tier 1, Tier 2, Tier 3)
    • 12. Cisco® VNMC Administrator Roles; Tenant-Level Access
    • 13. Network diagram (TenantA). Labels: Tradeshow Client; Outside SYN Floods; ASA 1000V with Static NAT (Outside: 192.168.200.15, NAT IP: 192.168.200.11, Inside: 192.168.100.15); VSG; Web Server; Db Server; Win 7 Client. Addresses and networks shown: 192.168.200.20, 172.25.108.0, 192.168.100.0; host octets shown: .87, .20, .10, .11, .12, .86, .75
    • 14. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
    • 15.
        Cisco.com
        • Cisco VNMC: www.cisco.com/go/vnmc
        • Cisco® ASA 1000V: www.cisco.com/go/asa
        • Cisco Nexus® 1000V: www.cisco.com/go/1000v
        • Cisco VSG: www.cisco.com/go/vsg
        Cisco Support Community
        • Extensive training materials and VODs on various VNMC topics are available at the Cisco Support Community: https://supportforums.cisco.com
    • 16. Thank you.
