Building the Modern Datacenter and Security Architecture with
Building the Modern Datacenter and Security Architecture with NSX, VSAN & v. ROps for Digital Workspace Kapil Kasetwar -- Solutions Consultant and Member of CTO Ambassador Program © 2016 VMware Inc. All rights reserved.
End-User Computing Vision PCs, Laptops Thin Clients Tablets, Smartphones Desktop and Workspace Services Enterprise Mobility Management and Security Mission: Secure Virtual Workspace for Work at Speed of Life Desktop Laptop Tablet Phone Machine © 2016 VMware Inc. All rights reserved. 2
Foundational Building Blocks of Secure Digital Workspace VMware NSX for Horizon VMware Horizon © 2016 VMware Inc. All rights reserved. 3
VMware NSX for Horizon 4
ODC 1 Pool ODC 1 Network ODC 2 Pool ODC 2 Network Micro-segmentation for – Desktop to Desktop control – Desktop to Enterprise App control – Quarantine infected (AV, IPS etc) desktops • Allows for elasticity and agility to spin up/down new desktop pools • Expand existing using logical switching, routing and firewalling Horizon Infra NSX for Horizon • NSX services like Load Balancing, NAT and Firewalling enables you to protect the Horizon infrastructure and streamline access. © 2016 VMware Inc. All rights reserved.
Micro-segmentation of Application Access based on User Profiles Dedicated Security Zone HR FINANCE SALES R&D QA Software Defined Data Centre powered by VMware NSX Physical IT Infra Resources (Server, Storage, Network, Security) Centralized Unified Administration and Management Consoles and Solutions Dedicated Security Zone © 2016 VMware Inc. All rights reserved.
Automated Security in a Software Defined Data Center Quarantine Vulnerable Systems until Remediated Security Group = Quarantine Zone Members = {Tag = ‘ANTI_VIRUS. Virus. Found’, L 2 Isolated Network} Security Group = Web Tier Policy Definition Standard Desktop VM Policy Anti-Virus – Scan Software Defined Data Center Quarantined VM Policy Firewall – Block all except security tools Anti-Virus – Scan and remediate Virtual Network Service Composer Cloud Management © 2016 VMware Inc. All rights reserved. 7
Simple Horizon Deployment: 3 Additional Components NSX Manager Edge Appliance Distributed Firewall © 2016 VMware Inc. All rights reserved. 8
Our problem: mobile workflows access datacenter resources Enterprise Network Internet VPN User © 2016 VMware Inc. All rights reserved.
Our problem: it’s not a 1: 1 world anymore Enterprise Network Internet VPN User Mobile apps can access enterprise network. All data center apps can be accessed. © 2016 VMware Inc. All rights reserved.
Modern mobility: personal and managed © 2016 VMware Inc. All rights reserved.
Modern mobility © 2016 VMware Inc. All rights reserved.
Modern mobility © 2016 VMware Inc. All rights reserved.
Evolving to intelligent networking Device-Level VPN Full Network Access © 2016 VMware Inc. All rights reserved.
Intelligent networking App-Level VPN Full Network Access © 2016 VMware Inc. All rights reserved.
Intelligent networking App-Level VPN access through Horizon/Air. Watch Tunnel + NSX © 2016 VMware Inc. All rights reserved.
v. Realize Operations for Horizon (Component of VMware Horizon) 17
How Can I Optimize System Performance and Avoid Surprises? ! End User Demand is Going Up System Complexity is Increasing Performance Targets are Higher SLAs Complex Stack Resources • Compute • Memory • Storage • Infrastructure • Network Protocols • Mixed Mode Environments • Xen. App • Horizon • Xen. Desktop • Latency • Uptime • Response Rate © 2016 VMware Inc. All rights reserved. 18
v. Realize Operations for Horizon and Published Apps Entire Stack Monitoring Single Pane of Glass Right-Sized Resources End-User Viewpoints Insights into Users, Apps and Infrastructure Monitor both Horizon and Xen. App Stacks Utilization Metrics and Management Optimize Performance and Meet SLAs © 2016 VMware Inc. All rights reserved. 19
Deliver Great User Experience with Endpoint Monitoring 3 2 1 Remediate Pinpoint Issue Quickly User Experiences Long Delays ! © 2016 VMware Inc. All rights reserved. 20
‘Right-Size’ Resources and Optimize Performance Easily repartition compute, memory and storage resources to optimize total system performance Leverage utilization insights for long-term capacity planning Justify and drive Cap-ex Investments at the right time © 2016 VMware Inc. All rights reserved. 21
VMware Virtual SAN (Component of VMware Horizon)
Desktop & App Virtualization Challenges with Storage Today Storage challenges Complex Administration Specialized, Expensive HW Storage Admin Desktop Admin VI Admin • Unpredictable IOPS spikes • Not commodity • Time consuming processes • Apps demand low latency • Large arrays waste capex • Lack of automation • Constrained scalability • Risk of overprovisioning • Slow reaction to request © 2016 VMware Inc. All rights reserved. 23
A New Approach for VDI is Needed: Software-Defined Storage Today Software-Defined Storage New Control Plane From Hardware-centric to Desktop/VM-centric • Policy-driven automation • Common across arrays • Dynamic control New Data Plane From Specialized to Industry Standard Hardware • Server SAN • Flash accelerated • Distributed © 2016 VMware Inc. All rights reserved. 24
Virtual SAN with Horizon Radically Simple Storage for Desktops and Apps v. Sphere + Virtual SAN … Superior Performance at Scale All Flash Architecture 4 x Performance 2 x Scale Enterprise Data Services Pay-As-You-Grow Affordability with reduced Cap. Ex Broader Hardware Support © 2016 VMware Inc. All rights reserved. 25
Radically Simple Storage for Desktops and Apps VM-centric storage for desktops and apps. Provision storage for virtual desktops and apps in just a few clicks. No specialized skill-sets required Use familiar v. Centertools for management Puts the app in charge Intelligent automated management based on desktop and app demand © 2016 VMware Inc. All rights reserved. 26
Superior Performance at Scale v. Sphere-integrated platform with expansive IOPS capacity delivers superior virtual desktop and application performance at scale. Hybrid and all-flash solutions deliver predictable high IOPS performance that scales Kernel-embedded platform provides accelerated I/O and better performance than virtual appliances Workload mobility and resiliency with stretchcluster support for virtual desktop and apps © 2016 VMware Inc. All rights reserved. 27
Tiered Hybrid and All-Flash Options for Horizon All-Flash Hybrid SSD PCIe Ultra DIMM Caching SSD PCIe Ultra DIMM Writes cached first, Reads go direct to capacity tier Read and Write Cache Data Persistence Virtual SAN Capacity Tier SAS/NL SAS/SATA/Direct-attached JBOD 40 K IOPS per Host Capacity Tier Flash Devices Reads go directly to capacity tier 90 K IOPS per Host + sub-millisecond latency © 2016 VMware Inc. All rights reserved. 28
Virtual SAN – Cost Optimzed Storage for VMware Horizon Overview VMware v. Center Server View • Virtual SAN clusters solid state drives and hard disks from multiple servers to create shared storage • Redefines the hypervisor to cluster compute and storage • Policy based management for self-tuning VM-centric storage v. Sphere VSAN • Scale-out architecture with built-in SSD caching ……………. SSD Hard disks Clustered VSAN Datastore SSD Hard disks Benefits • Simplicity - Storage designed for virtual machines • Fast, resilient, dynamic • Significantly lower TCO while delivering same user experience • Starts small with linear scaling of performance, capacity, and cost © 2016 VMware Inc. All rights reserved.
Thank You
- Slides: 30