The document provides insights into VMware NSX from the perspectives of WestJet and Symantec, focusing on its network virtualization benefits and customer deployments. It highlights how VMware NSX transforms operational models by significantly reducing network provisioning time and costs, while enhancing security and automation capabilities. Key customer experiences reveal improved agility, resource management, and collaboration within software-defined data centers.

1. VMware NSX: A Customer’s Perspective
Taruna Gandhi, VMware
Jason Puig, Symantec
Richard Sillito, WestJet
NET5529
#NET5529

2. 2
Agenda
 VMware NSX Overview
 Customer Deployments
• WestJet: Flight Path to a Better Network
• Symantec: Self Service Lab Cloud
 Q&A

3. 3
Software Defined Data Center
SOFTWARE-DEFINED
DATACENTER
All infrastructure is virtualized and delivered as a
service, and the control of this datacenter is
entirely automated by software.

4. 4
WEEKS
DAYS/
HOURS
MINUTES/
SECONDS
Storage/
Availability Servers Networking Security
Management
/
Monitoring
SOFTWARE-DEFINED
DATACENTER SERVICES
VDC
Time to Provision New Services
2008 2012 2013

5. 5
Compute
Network
DC Services
DB DB
App App
Web Web
Corpnet/Internet
• Provisioning is slow
• Placement is limited
• Mobility is limited
• Hardware dependent
• Operationally intensive
Current Network Operational Model is a Barrier to Software Defined
Data Center

6. 6
Provisioning Network Virtualization with NSX
• Programmatic provisioning
• Place any workload anywhere
• Move any workload anywhere
• Decoupled from hardware
• Operationally efficient
Compute
Network
DC Services

7. 7
Provisioning Network Virtualization with NSX
• Programmatic provisioning
• Place any workload anywhere
• Move any workload anywhere
• Decoupled from hardware
• Operationally efficient
Compute
Network
VMware NSX
DC Services

8. 8
VMware NSX – Network and Security for SDDC
Public CloudsPrivate Clouds
Hybrid Cloud
Seamlessly extend your data center to the public cloud
Virtual Workspace
Manage access to services, applications and data for any device
The New Role for IT: IT as a Service
Software-Defined Data Center
Virtualize the entire data center
Management and Automation
Storage and Availability Compute Network and SecurityNetwork and Security
Any Application
(without modification)
Virtual Networks
VMware NSX Network Virtualization Platform
Logical L2 - Switch
Any Network Hardware
Any Cloud Management Platform
Logical
Firewall
Logical
Load Balancer
Logical L3 - Router
Logical
VPN
Any Hypervisor

9. 9
VMware NSX – Networking & Security Capabilities
Rich Networking & Security Services
• Scalable Logical Switching
• Physical to Virtual L2 Bridging
• Dynamic L3 Routing: OSPF, BGP, IS-IS
• Logical Services:
Firewall, Identity-based Firewall, Load-
balancing, VPN (IPSec, SSL, L2VPN)
Automation & Operations
• API Driven Integration
• Service Composer for Security Workflows
• Server Access Monitoring
• Troubleshooting & Visibility
Partner Extensibility
• Physical ToR L2 Integration
• Security Services – IDS / IPS, AV,
Vulnerability Mgmt
• Network Services – Load Balancers, WAN
Optimization
Any Application
(without modification)
Virtual Networks
VMware NSX Network Virtualization Platform
Logical L2
Any Network Hardware
Any Cloud Management Platform
Logical
Firewall
Logical
Load Balancer
Logical L3
Logical
VPN
Any Hypervisor

10. 10
VMware NSX – Network Virtualization Benefits
VMware NSX Transforms the Operational Model of the Network
• Network provisioning time
reduced from 7 days to
30 sec
Reduce network
provisioning time from
days to seconds
Cost Savings
• Reduce operational costs
by 80%
• Increase compute asset
utilization upto 90%
• Reduce hardware costs
by 40-50%
Operational
Automation
Simplified IP hardware
Choice
• Any Hypervisor:
vSphere, KVM, Xen, HyperV
• Any CMP:
vCAC, Openstack
• Any Network Hardware
• Partner Ecosystem
Any hypervisor
Any CMP
with Partner

11. 11
Customers Deploying Network Virtualization Today!
 Westjet: Flight Path to a Better Network
 Symantec: Self Service Lab Cloud

12. Richard Sillito
rsillito@westjet.com
Network/Security/Virtualization
Flight Path to a
Better Network

13. Defy Convention
Fort Henry Ontario

14. Flight Plan

15. Let’s get our bearingsNorth/South
East/West

16. The Current State

17. Navigating in an Alternate Reality (aka “the future”)
• Automation, Continuous Delivery & Self Service
• Support low CASM through reduced TCO
• Commoditization hardware
• Leverage Virtualize network components
• Less complex information environments
• Enable the future workforce with service such as Mobile
Workspace, Bring Your Own Device and Capacity on Demand

18. Flight Following

19. Security Architecture Made Simple (SAMS)

20. Security Architecture Made Simple (SAMS)
SAMS - Infrastructure

21. Flight Following

22. SAMS Infrastructure using a VMware Solution
Gateway Firewall (Layer 3)
Connects the outside world
Simple firewall rules
Basic Functionality
High Availability – 4 nines
Embedded Firewalls (Layer 2)
Firewall distributed into each hypervisor
Central Management and reporting
Transparent Firewall
Networking occurs at hypervisor speed
Firewall has more visibility
Innovators

23. The Evolution

24. Flight Following

25. Physical Network

26. Virtual Network

27. Flight Following

28. Software Defined Datacenter

29. Flight Following

30. Summary
Defy Convention
• Security
• Performance
• Simplicity
• Automation

31. Inspiration/Thanks
VMWare
• Vern Bolinius
• Ray Budavari
• Bruno germain
My Family
• Patrick, Brittney, Taz
Thanks
VTeam
• Dominador DeLeon – Sr. TSA - Infrastructure Ops
• Justin Domshy – Manager of Environments
• Mike Gromek - Technical Architect III
• Darrell Lizotte – Technical Architect III
• Randy Seabrook – Manager Architecture
• Derek Sharman - Sr. Analyst-Config Management
• Nanda Weicker - Business Architect III
• Walter Wenzl - Sr Analyst-Config Management
• Dallas Young - Security Support Analyst III
Inspiration
• Dump your DMZ by Joern Wettern
• BYOD and the Death of the DMZ by Lori MacVittie
• Zero Trust Model John Kindervag

32. 32
Granite Labs -
Symantec’s Self Service Lab Cloud
Real-World Experiences with a VMware Software-Defined Data Center
Jason Puig
Symantec
Manager, Cloud Services – Global Symantec Labs

33. Current Deployment Summary
• Symantec Granite Labs is a large scale implementation of a
Software-Defined Data Center (SDDC)
– Based on VMware and Symantec technologies
– 250,000 VMs deployed, 27,000 under management today with 3,800
users
– 15-month implementation
– Have saved 32,000 Symantec staff hours
– While delivering better quality to end-users, in less time

34. IT Pressures – a Constant Over the Decades
“Are you getting the
maximum efficiency
out of your
infrastructure?”
“How quickly can IT
respond to LOB
requests?”
• Legislative Compliance
• Risk Reduction – SLAs & Business Continuity
• Security – Corp Assets & IP

35. Why a Cloud Lab in an SDDC?
• Cost
– Single shared pool of networking, storage, and compute resources.
– Reduced administration
– Reduced integration costs
• Agility
– Data Centers available in minutes instead of days or weeks.
– Abstraction of hardware at all layers allows flexibility and reduced downtime.
– Faster turn around when implementing new solutions
– Reduce provisioning effort allowing employees to focus on their primary job - helping
customers.
– Removing the burden of managing labs from engineers and trainers.
– Helps to break down barriers between departments and reduces silos
• Governance
– Secured within the Symantec Firewall / Private Enterprise Cloud
– Complete oversight into the datacenter topologies allow for improved control.

36. Cloud Based Labs: The ultimate challenge.
• Legacy Labs

37. Cloud Based Labs: The ultimate challenge.
• Legacy Labs
• Lab Complexity
• Dynamic Workloads
• “Hands On” / Self Service Required
• Scale
• Security / Protection
• Multiple Geographies
• Virtual on Virtual
• Hybrid Physical and Virtual Provisioning
• Cost

38. What we Deployed
• vCloud Suite
– vCloud Director
– vSphere
– vCloud Networking &
Security
– vCenter Orchestrator
• NetBackup
• Endpoint Protection
• IT Management Suite
– Deployment Solution
– Asset Management
Suite
– Service Desk
• 7xxx Core Switching
• UCS Blades
• FAS6240
• FAS6280

39. Demo

41. Metrics / Lessons Learned
• Cost
– Single shared pool of networking, storage, and compute resources.
• Explosive adoption, over 3,800 employees have used the solution since launch. Average
over 2,000 active users every month.
• Over 250,000 virtual machines deployed since launch.
• Over 27,000 virtual machines under management
• Unified library of over 700 lab topologies within our Software Defined Data Center
– Reduced administration
• While fewer admins are needed, they need to be cross functional and understand the
latest virtualization trends.
• Choosing the right vendors who understand cloud
– Reduced integration costs
• Cloud integration is complex, use as many integrated solutions as you can which are
proven to work together. Symantec is seeing the savings in the ability to leverage
integrations across the cloud.

42. • Agility
– Software Defined Data Centers available in minutes instead of weeks or months
• Average Provisioning Time: 14 Minutes, completely changes the way employees work.
– Abstraction of hardware at all layers allows flexibility and reduced downtime.
• Multiple hardware transitions since inception, zero user impact.
• Orchestration is a must
– Faster turn around when implementing new solutions
• Our entire cloud topology is actually stored in an SDDC vApp inside of the cloud, allowing for on the fly
testing of new solutions even with the cloud itself.
– Reduce provisioning effort allowing employees to refocus their actual jobs - helping
customers.
• Saved over 11,000 weeks of effort
– Removing the burden of managing labs from engineers and trainers.
• Transitioned to Cloud Operations
– Helps to break down barriers between departments and reduces silos
• Over 700 shared labs covering most Symantec product lines currently available
• Support Services, Training, and Engineering are finally able to share… everything.
Metrics / Lessons Learned

43. • Governance
– Secured within the Symantec Firewall / Private Enterprise Cloud
– Complete oversight into the datacenter topologies allow for improved
control.
• Auditing of topologies to reduce human error.
• Ensure proper security is in place prior to allowing deployment.
Metrics / Lessons Learned

44. Future
• Unparalleled Cloud Integration with Symantec Products
• Incorporate enhancements to virtual networking (VMware NSX)
• Reference Architectures
Visit the VMware and Symantec booths.
Talk to us about how we can help your organization get to IT-as-a-
Service, and a Software-Defined Data Center

45. 45
Thoughts & Questions
 Richard Sillito
rsillito@westjet.com
 Jason Puig
Jason_puig@symantec.com
 Taruna Gandhi
gandhit@vmware.com

46. 46
Other VMware Activities Related to This Session
 HOL:
HOL-SDC-1303
VMware NSX Network Virtualization Platform
 Group Discussions:
NET1001-GD
vCloud Networking and Security & NSX for VMware Environments with
Ray Budavari

47. THANK YOU

49. VMware NSX: A Customer’s Perspective
Taruna Gandhi, VMware
Jason Puig, Symantec
Richard Sillito, WestJet
NET5529
#NET5529