Network virtualization (NV) refers to abstracting network resources traditionally delivered in hardware to software. This process is similar to the abstraction provided, when compute virtualization (Hypervisor) is used to abstract CPU and memory or storage.
NV can combine multiple physical networks to one virtual, software-based network, or it can divide one physical network into separate, independent virtual networks. Network services like routing and switching or services like firewall or load balancing are moved from the hardware layer to the virtualization layer. This allows to traverse the network from the underlying hardware and allows virtual provisioning of an entire network. Network Virtualization also enables automation of many administrative tasks, decreasing manual errors and provisioning time. It can provide greater network productivity and efficiency.
VMware NSX Data Center is a network virtualization platform, delivering networking and security entirely in one software, abstracted from underlying physical infrastructure. NSX uses software to provide networking functions like fire-walling, switching, and routing. This means that multiple users can share the same physical environment using virtual networks invisible to each other to increase efficiency and security.
The advantage of a Network Virtualization platform such as NSX is the abstraction of the majority of Layer 2 to Layer 7 network services. It also enables to extend those services into one or multiple clouds (VMware Cloud on AWS or other VMware Cloud Provider systems, or even native AWS and other external provider) and platforms (i.e. container or Kubernetes). All operated under one central management platform.
NSX is build for consumption through an API. Products utilizing this interface are the VMware Cloud Management platform - such as vRealize Automation or vCloud Director - and other 3rd party tools leveraging the REST-API. NSX provides for simple provisioning of network and security services whether it is a simple Layer 2 switching domain, or a complex Layer 7 load balancing service. Automation allows you to enhance the speed of delivery for both networking features but also security requirements.
The most important part when choosing a current network virtualization platform, is to ensure it provides a consistent platform across VMware and non-VMware clouds. Only a true network virtualization platform allows for free movement of workloads between on-premises and the cloud, or between clouds. All managed by one central platform.
Security and Micro-Segmentation
A modern infrastructure requires a new approach to security. While in the past it was ok to just have perimeter firewalls, nowadays we need a platform which allows for micro-segmentation of individual workloads. Micro-segmentation is deeply integrated into a policy-based approach with context-aware security custom to the individual workload. On top of such a service, defined firewalling it is required to integrate with other security tools and platforms for intrusion detection and prevention, as well as for other threat-protection methods. All integrated within the same management solution.
Endpoint and Workload Protection
When designing a modern Software-Defined Enterprise it quickly appears that the legacy endpoint and workload protection approach of bolting on applications to the infrastructure as an afterthought is no longer an option. Companies need a new approach towards security which provides Intrinsic security with a suite of products which run integrated from the hypervisor layer over the operating system layer into the cloud native application. Security that is built in and not bolted on. VMware and comdivision even created a joint study with Forbes Insights on the current security challenge of our customers which can be downloaded here (English version or German version) .
SD-WAN by VeloCloud
The more enterprises rely on network connectivity from branch and home offices to their central datacenter, but also into the cloud, the more MPLS and leased lines become a burden for the enterprise. A modern SD-WAN solution like VMware SD-WAN by VeloCloud can not only enhance the WAN experience of the end user, but also help the enterprise to lower the cost by replacing expensive MPLS and leased lines with standard IP connectivity and the VeloCloud solution. comdivision offers both managed and unmanaged VeloCloud deployments.
comdivision was one of the first professional services partners to deliver NSX design, deployment and training services. We have developed pre-packaged and validated service offerings which can be customized to your needs: