Network virtualization (NV) refers to abstracting network resources traditionally delivered in hardware to software. This process is similar to the abstraction provided, when compute virtualization (Hypervisor) is used to abstract CPU and memory or storage.
NV can combine multiple physical networks to one virtual, software-based network, or it can divide one physical network into separate, independent virtual networks. Network services like routing and switching or services like firewall or load balancing are moved from the hardware layer to the virtualization layer. This allows to traverse the network from the underlying hardware and allows virtual provisioning of an entire network. Network Virtualization also enables automation of many administrative tasks, decreasing manual errors and provisioning time. It can provide greater network productivity and efficiency.
VMware NSX Data Center is a network virtualization platform, delivering networking and security entirely in one software, abstracted from underlying physical infrastructure. NSX uses software to provide networking functions like fire-walling, switching, and routing. This means that multiple users can share the same physical environment using virtual networks invisible to each other to increase efficiency and security.
The advantage of a Network Virtualization platform such as NSX is the abstraction of the majority of Layer 2 to Layer 7 network services. It also enables to extend those services into one or multiple clouds (VMware Cloud on AWS or other VMware Cloud Provider systems, or even native AWS and other external provider) and platforms (i.e. container or Kubernetes). All operated under one central management platform.
NSX is build for consumption through an API. Products utilizing this interface are the VMware Cloud Management platform - such as vRealize Automation or vCloud Director - and other 3rd party tools leveraging the REST-API. NSX provides for simple provisioning of network and security services whether it is a simple Layer 2 switching domain, or a complex Layer 7 load balancing service. Automation allows you to enhance the speed of delivery for both networking features but also security requirements.
The most important part when choosing a current network virtualization platform, is to ensure it provides a consistent platform across VMware and non-VMware clouds. Only a true network virtualization platform allows for free movement of workloads between on-premises and the cloud, or between clouds. All managed by one central platform.
Security and Micro-Segmentation
A modern infrastructure requires a new approach to security. While in the past it was ok to just have perimeter firewalls, nowadays we need a platform which allows for micro-segmentation of individual workloads. Micro-segmentation is deeply integrated into a policy-based approach with context-aware security custom to the individual workload. On top of such a service, defined firewalling it is required to integrate with other security tools and platforms for intrusion detection and prevention, as well as for other threat-protection methods. All integrated within the same management solution.
comdivision was one of the first professional services partners to deliver NSX design, deployment and training services. We have developed pre-packaged and validated service offerings which can be customized to your needs: