network transformation through virtualization (166373789)
TRANSCRIPT
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 1/30
NETWORK TRANSFORMATION THROUGHVIRTUALIZATION
Theresa Zix, Vice President, Information Technology
Herman Choi, Network Architect
Art Center College of Design
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 2/30
Art Center Intro
2 Locations in Pasadena, CA 4 Groups of Design Study
Industrial, Communication, DesignSciences, Arts & Media
Size
1,500 Students + 3,000 in PublicPrograms
450 Faculty + 250 Staff
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 3/30
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 4/30
(South Campus Picture)
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 5/30
(Students Working Picture)
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 6/30
Original Network (2004)
Large Flat NetworkNo Boundaries
Prone to Broadcast Storms andNetwork LoopsNo Physical Infrastructure
Redundancy Inefficient Use of Equipment andCabling Infrastructure
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 7/30
Initial Concerns
Lack of ScalabilityNo room for growth andexpansion
Lack of Resiliency Availability was the issue
Lack of Security Free-for-All environment
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 8/30
What is Virtualization?
Abstraction of physicalcomputing resources
Single physical computingresource appears as multiplelogical resources
Multiple physical computingresources appear as a singlelogical resource
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 9/30
Solution (2005-2008)
Implemented Network VirtualizationAllowed networks to be implementedwithout physical constraints
No longer constrained by legacyphysical networks
Gained flexibility and reliability through
efficient use of resources
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 10/30
Original ScalabilityIssues
Legacy network equipmentlimited scalability andexpandability
Deployed multiple physicalswitches dedicated for differentdepartments
Too many switches deployed Inefficient use of power and
infrastructure
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 11/30
Solutions For ScalabilityIssues (2005)
Virtual LANs(VLANs)Instead of multiple
switches, deployedonly one switch
Allocated ports onone switch to
specific networks Lowered powerconsumption
Used infrastructuremore efficiently
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 12/30
Solutions For ScalabilityIssues (2005)
Virtual TrunkingProtocolsAllowed use of multiple
VLANs to sharecommon physical links
Supported legacy non-routable applications
Extended flexibility of network
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 13/30
Solutions For ScalabilityIssues (2005)
Virtual Etherchannel LinksPorts can be combined and bonded
together to increase bandwidth capacityand utilization
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 14/30
Solutions For ScalabilityIssues (2005)
VLAN and Virtual Trunking Protocols wereextended to the wirelessinfrastructure
Simple wireless APs canonly support one SSIDwireless network
VLANs allowed differentSSIDs to propagate
across fewer APs
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 15/30
Solutions For Scalability Issu(2006)
Virtual Security DevicesLegacy security devices only
performed one function perphysical box
Split into multiple logicalsecurity devices
Firewall services
VPN services
Intrusion Detection services
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 16/30
Solutions For ScalabilityIssues (2008)
Virtual Application Load-BalancingLegacy load-balancers only worked on one
network Split into multiple logical load-balancers
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 17/30
Original ResiliencyIssues
Original network did not have
redundant network backbone orfiber uplink connections
Routing gateway functionalities
were limited to a single routingdevice
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 18/30
Solutions For ResiliencyIssues (2005)
Spanning-Tree ProtocolsUsed redundant uplinks to be simultaneously active
Multiple uplinks can now be utilized more efficiently
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 19/30
Solutions For ResiliencyIssues (2005)
Virtual RoutingRedundancyProtocolsLegacy routing
were constrained tophysical interfacesand single routingdevices
Routing gatewayfunctionality can bespread acrossmultiple routers
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 20/30
Original Security Issues
Originally had a large flat networkOne large broadcast domainHighly unstable Everybody could see one another Easy for viruses and worms topropagate
No containment or isolation
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 21/30
Solutions For SecurityIssues (2005)
VLANs used to createisolated networks
Dramatically decreasedsize of broadcast domain
Private VLANs can becreated to restrictcommunication betweenhosts within the samenetwork
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 22/30
Solutions For Security Issues(2008)
Use of Access Control Lists to restrict communication between VLANs -Difficult to scale and maintain
Future Direction - Virtual Routing and ForwardingCreate virtual isolated paths within the same network - Internal VPN Virtual routers within one physical router
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 23/30
Maintain Network VirtualizationNeed Monitoring and VisibilityMonitor CPU and Memory Utilization Monitor Bandwidth Utilization
Monitor Virtual Routing States Monitor Virtual Spanning-Tree States SNMP – Preferably version 3 Logging – Monitor Incidents and Errors
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 24/30
Server Virtualization
Hot Topic NowadaysMultiple operating systems or
server instances deployed across
multiple physical serversExamples of virtualization softwareVMWare
Citrix Xen Microsoft Parallels Virtuozzo
fi f
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 25/30
Benefits of ServerVirtualization
Greater flexibility and scalability Increases reliability and availabilityMore efficient use of hardware resourcesSounds great!What’s the problem?What does this have to do with the
network?
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 26/30
Server VirtualizationIssues Network Utilization and
Capacity ChangesOne server not tied to just one
physical NIC Imagine 10 virtual machines
sharing the same physical NIC Virtualization software may only
load-balance based on CPU andmemory utilization
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 27/30
Server VirtualizationIssues Security Management
ChangesBy default, all virtual
machines can see oneanother
Private VLANs Host-based Firewalls Host-based Intrusion
Detection Software-based
solutions
S Vi t li ti
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 28/30
Server VirtualizationIssues Network Design
ChangesNot just a regular
server connection
Networking has beenextended fromnetwork switches tovirtual switches insideeach server
Same NetworkVirtualization concepts
Wh t D th F t
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 29/30
What Does the FutureHold?More visibility and monitoring requiredMore emphasis on network design and
deployment of virtual machines
Possible IT Culture Change - Your networkand system engineers must work moreclosely together
Similar to network and voice convergence –
Merge technical skills
7/29/2019 Network Transformation Through Virtualization (166373789)
http://slidepdf.com/reader/full/network-transformation-through-virtualization-166373789 30/30
Thank You
Art Center College of Designwww.artcenter.edu
Theresa [email protected]
(626) 396-2477
Herman [email protected]
(626) 396-2256