At VMworld 2013, VMware unveiled its next-generation network virtualization platform, NSX, delivering the entire networking and security model from Layer 2 through Layer 7 in software, decoupled from the underlying network hardware.
Once you've got network virtualization, you've essentially jacked up the world and can start operating on it.
SDN icon and chief architect of networking, VMware
Network virtualization has evolved beyond simple use cases to more sophisticated distributed services like distributed firewalls -- meaning all traffic gets security applied, no matter where it is or how things are moved around at scale.
"Once you've got network virtualization you've essentially jacked up the world and can start operating on it," said Martin Casado, software-defined networking icon and VMware's chief architect of networking. "It's like putting in a layer of indirection so we can start manipulating the laws of physics, which allows us to do awesome things. It's exciting as we move forward because you're going to see more amazing things become possible with this platform; this ability to manipulate physics allows us to manipulate the reality in which these networks live."
One of the amazing things possible now with network virtualization is creating abstractions you can peer into to see what's going on with traffic. "For example, now we have the ability to take traffic off any one of these virtual networks and pass it through intrusion detection systems [IDS]," Casado explained. "This means we can visualize the traffic that goes through the virtual networks and actually plug these networks -- this is more future work -- into third-party management tools that can do things like threat analysis, root cause detection, anomaly detection, etc."
VMware also announced a vast partner ecosystem that covers the portfolio of applications that customers require to implement the network virtualization lifecycle. It includes: network service gateways to bridge physical and virtual environments, network security platforms that provide multiple services such as firewall and threat prevention, security services including antivirus, IDS/IPS and vulnerability management, and application delivery services, including load balancing and WAN optimization.
As part of this ecosystem, VMware is teaming up with all of the traditional security appliance and end host antivirus companies.
"This is a deep integration," Casado said. "We're working and partnering with everybody. If I'm creating a virtual world for your workloads to live in, it had better support everything that the physical world supports as far as security services. Customers can say, 'I want X company as part of my virtual world.' And we're going to augment that experience and the power of these things by providing new toolsets like introspection in the virtual machine, firewall distribution, etc."
As one of VMware's NSX ecosystem partners, Trend Micro's Kevin Simzer, senior vice president of marketing, summed it up: "As VMware launches the next-generation NSX network virtualization platform, Trend Micro is excited to work alongside to create a comprehensive security backbone that protects the data center of the future. This relationship will help simplify and automate how security is deployed, delivering reliable protection that easily scales to the needs of each customer."