SlideShare une entreprise Scribd logo

What's Next in the Path to the Cloud?

Juniper Networks
Juniper Networks

From server huggers to cloud addicts to the optimized data center network - learn more about Juniper Networks' data center solutions here: http://juni.pr/SSlpP2c

Technologie
1  sur  6
Télécharger pour lire hors ligne
1 WHAT’S NEXT IN THE PATH TO THE CLOUD? From Server Huggers to Cloud Addicts to the Optimized Data Center Network From Server Huggers to Cloud Addicts Once upon a time, IT needed to convince application owners to virtualize their servers instead of hanging on to a dedicated physical server. Now, many IT shops have won that battle, with Virtual Machines (VMs) becoming the de facto standard, and old “server hugger” application owners increasingly sold on the benefits of server virtualization. The End of Server Huggers: Key Benefits of Past Server Virtualization Projects1 None of the above 70% 70% 51% 49% 43% 4% Energy savings OpEx Easy maintenance Business operational efficiency Flexibility and speed of rolling out new services Hardware savings CapEx With the availability of new IT infrastructures and cloud services that are faster than ever before, a new set of expectations around speed, agility, and time to market have been established. Today’s “cloud addict” application owners expect instant provisioning of compute, storage, and network resources, and business managers increasingly cringe at the possibility of infrastructure constraints. Figure 1: Survey results: Company benefits from past virtualization projects 1 Source: IDG CIO Virtualization Quickpoll, Sponsored by Juniper Networks, Nov 2011, Base: 138 qualified respondents
2 Cloud Addicts dictate success attributes for future virtualization projects2 Energy savings OpEx Hardware savings CapEx Easy maintenance Business operational efficiency Flexibility and speed of rolling out new services Significant increaseChange in importance: Slight increase No change Slight decrease Significant decrease Figure 2: Survey results: Anticipated impacts of future virtualization projects. For infrastructure architects and managers, the next phase of virtualization will require balancing the workflow demands of cloud addicts, while continuing to migrate legacy applications and services onto a virtualized infrastructure that is optimized for efficiency. As seen in Figure 2, while business agility determines the success of future virtualization projects, improving efficiency and reducing maintenance burdens are also rising in importance. The Security and Management of Cloud Addicts If left unchecked, cloud addicts (or even regular IT staff) have been known to spin up virtual machines with wild abandon causing VM sprawl. Or perhaps they create VM with unique configurations rife with security vulnerabilities and compliance violations. Meanwhile, VM-to- VM communications are able to bypass the long trusted presence of the physical firewall located multiple network stops away. Finally, as the importance of the applications in a virtualized environment rises, the old security models need to be revisited to ensure that only infrastructure resources are shared. Key questions to ask: • As more important applications are virtualized, how will you evolve the security model to protect business critical applications? • Can IT staff or others create virtual machines with inconsistent and/or vulnerable virtual machines? • Can you secure VM-to-VM traffic without constraining the number of virtual machines per host or the performance of the applications? The Cloud Addict Push Toward Shared Compute—Time to Optimize After the first several rounds of server consolidation, many VMs rarely move off or require human intervention. In this mode of operation, compute resources are used more efficiently and flexibly, but cannot be used as a shared and common pool of resources for other applications that need them. Even if the notion of a shared pool of compute resources is too aggressive, the tendency for application owners to overestimate the resources used by an application can lead to significant over provisioning, as the percentage of virtualized workloads approaches 100%. 2 Source: IDG CIO Virtualization Quickpoll, Sponsored by Juniper Networks, Nov 2011, Base: 138 qualified respondents
3 Key questions to ask: • How quickly can VMs be moved in your data center? • Can VMs be moved without threatening performance or availability of all applications? • Can you measure the resources used by applications over time to determine the true needs versus the estimated needs of the application set? • Do you need to build your infrastructure to handle peak loads or average loads with the use of cloud services for peaks? Table 1: Summary of Data Center Changes and the Impact on the Network Infrastructure Element Change (Old vs. New) Network Impact (Old vs. New) IT infrastructure availability Old: Delivered by IT Old: Static connections inside and between data centers New: Globally resilient, obtained via cloud service and/or delivered by IT from multiple data centers New: Dynamic connections inside and between data centers Application architectures Old: Client/server Old: Data center networks optimized for client/server (north-south) traffic New: Distributed components combined into services New: Data center networks optimized for server-to-server and server-to-storage (east-west) traffic Compute Old: One physical server per app Old: Each application’s compute and data stays physically in one place New: One virtual machine per app on shared physical compute New: Virtual machines can move around the data center based on demand Storage Old: Physical storage dedicated to a single application (direct attach) or small number of applications (storage area network) Old: Separate and dedicated storage networks with access governed by cabling New: Virtualized storage and master data initiatives dictate common pools of data available to all applications New: Data physically connected to every app, with access governed by policy; requires low latency, low jitter networks to minimize the network distance between processor and disk Security and network services Old: The “castle with a drawbridge model” that places a large appliance dedicated to a particular service between the router and the server Old: Stack network appliances in a conga line specific to particular network segments New: The “hotel model,” with multiple layers of security; applications housed in rooms with different resources, (penthouse vs. ballroom, etc.) New: A pool of network and security services available to all traffic flows combined with firewall services built to gain visibility and security for VM-to- VM traffic without constraining app performance or compute efficiencies. As we have seen, location matters In a legacy network. Resources that need each other have to be placed next to each other, and the physical location of a virtualized application resource inside a data center can have a significant impact on application performance, security, and the agility of distributed applications. Components of an application are also optimally placed in the same vicinity and ideally behind a single switch. In the future, service-oriented architectures will require that all assets in the data center have connectivity to all other assets.
4 Figure 3: Building a larger bubble for optimal performance Larger Bubbles Are Needed When application assets are placed behind a single switch, the communication between application components is fast and more importantly predictable and consistent (see the left side of Figure 3). Sometimes this happens by design; sometimes it is happenstance due to project-based infrastructure build out. As you can see in the right side of Figure 3, when an application component (generally a VM) is placed farther away from the other components, latency increases along with unpredictability of the traffic as other applications come barreling through the network. Unfortunately, physical distance is not always the best indicator of network distance. Bubble Optimal performance Application assets behind a single switch Network distance introduces unpredicatability and latency One Hop One HopVM VM Traditional Security Models Fail Traditional security models don’t work well in a post virtualization world. Like network connectivity, security architectures were built for largely static IT infrastructures. Every year, another threat seems to arise and the conga line of appliances sit at the drawbridge of the castle filtering, inspecting, and blocking traffic as it exits and enters the data center. These appliances cast a shadow across the network as a whole, if they can even keep up, or across branches of the network where a particular security service is needed.
5 The Infrastructure Evolution Imperative Just like with changes in application, compute, and storage, infrastructure architects expect to get better economics and more agility, efficiency, and performance for their infrastructure investments. Cloud and virtualization technologies are driving the first major change in data center network architectures in 20 years. This means the number of options from the incumbent established vendors and start-ups is exploding, while the gravity of the decisions data center architects and network engineers need to make dictate the future capabilities of their data center operations. Managing IT Agility: Choosing data center network architectures, and the software and hardware that enable those architectures, has become a critical task. And there are a number of challenges that come with the scale of the environment, the capacity and speeds of server and storage equipment, and future growth needs. There are two architectural options for data centers that seek to optimize the network for virtualized compute, distributed applications, and scale-out needs such as big data clusters. The best option would be indicated based on the scale and capacity of the environment. Managing Security: The quandary for any security architecture is how to reduce risk without inhibiting the agility of the business, while at the same time ensuring that the costs of security don’t increase faster than the growth in the types of threats that need to be mitigated. With products like virtual gateways, data center managers gain visibility and the tools needed to enforce both physical and virtual flows, and they can create secure zones that can be enforced on all flows in a mixed traditional and VMware environment. Simplifying the Network: Data center managers don’t just want a status quo network, or a cheap network, they want a high performing network built for a virtualized data center environment. New network architectures can improve application performance, while reducing the network’s footprint and complexity. They can be optimized for server-to-server and server- to-storage traffic, and they also enable the use of network virtualization to replace multiple dedicated data center-to-data center links with fewer wide area connections. Figure 4: Shadows create blind spots in a post virtualization world Shadow Shadows worked pre-virtualization with static apps Post-virtualization, traditional security models fail Shadow Appliances and VLANs Appliances and VLANs VM to VM blind spot VM VM VM VM moved outside assigned VLAN and security zone
63200014-001-EN Oct 2012 Copyright 2012 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. EMEA Headquarters Juniper Networks Ireland Airside Business Park Swords, County Dublin, Ireland Phone: 35.31.8903.600 EMEA Sales: 00800.4586.4737 Fax: 35.31.8903.601 APAC Headquarters Juniper Networks (Hong Kong) 26/F, Cityplaza One 1111 King’s Road Taikoo Shing, Hong Kong Phone: 852.2332.3636 Fax: 852.2574.7803 Corporate and Sales Headquarters Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA Phone: 888.JUNIPER (888.586.4737) or 408.745.2000 Fax: 408.745.2100 www.juniper.net Printed on recycled paper Key questions to ask: • Do you have a common operating system and operational model across your entire data center network? • When connecting data centers, can you not only virtualize multiple networks over a shared MPLS service, but also enable granular traffic engineering over each virtualized link, enabling customers to confidently replace expensive dedicated links with less expensive MPLS services or private wide area networks? • When refreshing 1GbE servers or adding 10GbE servers, are you able to offload rack-to-rack traffic and achieve scale that used to require three tiers of switching with only two tiers? This removal of the aggregation tier can save up to 30% of CapEx and OpEx network cost. • When building a 10GbE server data center or POD, does your architecture allow you to optimize for server-to-server and server-to-storage connectivity? An industry-leading switch fabric can give you the simplicity of multiple switches behaving and being managed like a single switch, very high performance, and the resilience and scale expected from a network of autonomous devices. Conclusion As IT organizations embrace server virtualization and move to the cloud, the changes they make might begin on legacy networks but will eventually require transformational change. In the new data center, IT infrastructure will need to be globally resilient, delivered via cloud services or by IT from multiple data centers. The data center network will be optimized for east-west traffic, and VMs will be able to move around based on demand, or there will be one VM per app on shared physical compute. Virtualized storage and master data initiatives will dictate common pools of data available to all applications. Data will be physically connected to every app, with access governed by policy. And a pool of network and security services will be available to all traffic flows, combined with firewall services built to gain visibility and security for VM-to-VM traffic without constraining app performance or compute efficiencies. This is the promise of the new network as we move from legacy systems to the efficiencies of the cloud.

Recommandé

Current Affairs
Current AffairsCurrent Affairs
Current AffairsKalahub
 
Singapore Non Profit SFDC User Group 8/2012
Singapore Non Profit SFDC User Group 8/2012Singapore Non Profit SFDC User Group 8/2012
Singapore Non Profit SFDC User Group 8/2012Joshua Hoskins
 
Impact of Juniper Training and Certification on Network Management Activities
Impact of Juniper Training and Certification on Network Management ActivitiesImpact of Juniper Training and Certification on Network Management Activities
Impact of Juniper Training and Certification on Network Management ActivitiesJuniper Networks
 
Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011Joshua Hoskins
 
2011 Taiwan UX Summit_Workshop B
2011 Taiwan UX Summit_Workshop B2011 Taiwan UX Summit_Workshop B
2011 Taiwan UX Summit_Workshop BUXTW(Taiwan User Experience Professional Association)
 
[Topcoder] for Developers - Dublin Salesforce User Group
[Topcoder] for Developers - Dublin Salesforce User Group[Topcoder] for Developers - Dublin Salesforce User Group
[Topcoder] for Developers - Dublin Salesforce User GroupJoshua Hoskins
 
Release Management: Managing Your Internal Releases
Release Management: Managing Your Internal ReleasesRelease Management: Managing Your Internal Releases
Release Management: Managing Your Internal ReleasesJoshua Hoskins
 
Orlando SFDC User Group 4/2009
Orlando SFDC User Group 4/2009Orlando SFDC User Group 4/2009
Orlando SFDC User Group 4/2009Joshua Hoskins
 

Recommandé

Current Affairs
Current AffairsCurrent Affairs
Current AffairsKalahub
 
Singapore Non Profit SFDC User Group 8/2012
Singapore Non Profit SFDC User Group 8/2012Singapore Non Profit SFDC User Group 8/2012
Singapore Non Profit SFDC User Group 8/2012Joshua Hoskins
 
Impact of Juniper Training and Certification on Network Management Activities
Impact of Juniper Training and Certification on Network Management ActivitiesImpact of Juniper Training and Certification on Network Management Activities
Impact of Juniper Training and Certification on Network Management ActivitiesJuniper Networks
 
Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011Orlando SFDC User Group 10/2011
Orlando SFDC User Group 10/2011Joshua Hoskins
 
2011 Taiwan UX Summit_Workshop B
2011 Taiwan UX Summit_Workshop B2011 Taiwan UX Summit_Workshop B
2011 Taiwan UX Summit_Workshop BUXTW(Taiwan User Experience Professional Association)
 
[Topcoder] for Developers - Dublin Salesforce User Group
[Topcoder] for Developers - Dublin Salesforce User Group[Topcoder] for Developers - Dublin Salesforce User Group
[Topcoder] for Developers - Dublin Salesforce User GroupJoshua Hoskins
 
Release Management: Managing Your Internal Releases
Release Management: Managing Your Internal ReleasesRelease Management: Managing Your Internal Releases
Release Management: Managing Your Internal ReleasesJoshua Hoskins
 
Orlando SFDC User Group 4/2009
Orlando SFDC User Group 4/2009Orlando SFDC User Group 4/2009
Orlando SFDC User Group 4/2009Joshua Hoskins
 
Why Juniper, Driven by Mist AI, Leads the Market
Why Juniper, Driven by Mist AI, Leads the Market Why Juniper, Driven by Mist AI, Leads the Market
Why Juniper, Driven by Mist AI, Leads the MarketJuniper Networks
 
Experience the AI-Driven Enterprise
Experience the AI-Driven EnterpriseExperience the AI-Driven Enterprise
Experience the AI-Driven EnterpriseJuniper Networks
 
How AI Simplifies Troubleshooting Your WAN
How AI Simplifies Troubleshooting Your WANHow AI Simplifies Troubleshooting Your WAN
How AI Simplifies Troubleshooting Your WANJuniper Networks
 
Real AI. Real Results. Mist AI Customer Testimonials.
Real AI. Real Results. Mist AI Customer Testimonials.Real AI. Real Results. Mist AI Customer Testimonials.
Real AI. Real Results. Mist AI Customer Testimonials.Juniper Networks
 
SD-WAN, Meet MARVIS.
SD-WAN, Meet MARVIS.SD-WAN, Meet MARVIS.
SD-WAN, Meet MARVIS.Juniper Networks
 
Are you able to deliver reliable experiences for connected devices
Are you able to deliver reliable experiences for connected devicesAre you able to deliver reliable experiences for connected devices
Are you able to deliver reliable experiences for connected devicesJuniper Networks
 
Stop Doing These 5 Things with Your SD-WAN
Stop Doing These 5 Things with Your SD-WANStop Doing These 5 Things with Your SD-WAN
Stop Doing These 5 Things with Your SD-WANJuniper Networks
 
Securing IoT at Scale Requires a Holistic Approach
Securing IoT at Scale Requires a Holistic ApproachSecuring IoT at Scale Requires a Holistic Approach
Securing IoT at Scale Requires a Holistic ApproachJuniper Networks
 
Smart Solutions for Smart Communities: What's Next & Who's Responsible?
Smart Solutions for Smart Communities: What's Next & Who's Responsible?Smart Solutions for Smart Communities: What's Next & Who's Responsible?
Smart Solutions for Smart Communities: What's Next & Who's Responsible?Juniper Networks
 
What's Your IT Alter Ego?
What's Your IT Alter Ego?What's Your IT Alter Ego?
What's Your IT Alter Ego?Juniper Networks
 
Are You Ready for Digital Cohesion?
Are You Ready for Digital Cohesion?Are You Ready for Digital Cohesion?
Are You Ready for Digital Cohesion?Juniper Networks
 
Juniper vSRX - Fast Performance, Low TCO
Juniper vSRX - Fast Performance, Low TCOJuniper vSRX - Fast Performance, Low TCO
Juniper vSRX - Fast Performance, Low TCOJuniper Networks
 
SDN and NFV: Transforming the Service Provider Organization
SDN and NFV: Transforming the Service Provider OrganizationSDN and NFV: Transforming the Service Provider Organization
SDN and NFV: Transforming the Service Provider OrganizationJuniper Networks
 
Navigating the Uncertain World Facing Service Providers - Juniper's Perspective
Navigating the Uncertain World Facing Service Providers - Juniper's PerspectiveNavigating the Uncertain World Facing Service Providers - Juniper's Perspective
Navigating the Uncertain World Facing Service Providers - Juniper's PerspectiveJuniper Networks
 
vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks Juniper Networks
 
NFV Solutions for the Telco Cloud
NFV Solutions for the Telco Cloud NFV Solutions for the Telco Cloud
NFV Solutions for the Telco Cloud Juniper Networks
 
Juniper SRX5800 Infographic
Juniper SRX5800 InfographicJuniper SRX5800 Infographic
Juniper SRX5800 InfographicJuniper Networks
 
Infographic: 90% MetaFabric Customer Satisfaction
Infographic: 90% MetaFabric Customer SatisfactionInfographic: 90% MetaFabric Customer Satisfaction
Infographic: 90% MetaFabric Customer SatisfactionJuniper Networks
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastJuniper Networks
 
High performance data center computing using manageable distributed computing
High performance data center computing using manageable distributed computingHigh performance data center computing using manageable distributed computing
High performance data center computing using manageable distributed computingJuniper Networks
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Contenu connexe

Plus de Juniper Networks

Why Juniper, Driven by Mist AI, Leads the Market
Why Juniper, Driven by Mist AI, Leads the Market Why Juniper, Driven by Mist AI, Leads the Market
Why Juniper, Driven by Mist AI, Leads the MarketJuniper Networks
 
Experience the AI-Driven Enterprise
Experience the AI-Driven EnterpriseExperience the AI-Driven Enterprise
Experience the AI-Driven EnterpriseJuniper Networks
 
How AI Simplifies Troubleshooting Your WAN
How AI Simplifies Troubleshooting Your WANHow AI Simplifies Troubleshooting Your WAN
How AI Simplifies Troubleshooting Your WANJuniper Networks
 
Real AI. Real Results. Mist AI Customer Testimonials.
Real AI. Real Results. Mist AI Customer Testimonials.Real AI. Real Results. Mist AI Customer Testimonials.
Real AI. Real Results. Mist AI Customer Testimonials.Juniper Networks
 
Are you able to deliver reliable experiences for connected devices
Are you able to deliver reliable experiences for connected devicesAre you able to deliver reliable experiences for connected devices
Are you able to deliver reliable experiences for connected devicesJuniper Networks
 
Stop Doing These 5 Things with Your SD-WAN
Stop Doing These 5 Things with Your SD-WANStop Doing These 5 Things with Your SD-WAN
Stop Doing These 5 Things with Your SD-WANJuniper Networks
 
Securing IoT at Scale Requires a Holistic Approach
Securing IoT at Scale Requires a Holistic ApproachSecuring IoT at Scale Requires a Holistic Approach
Securing IoT at Scale Requires a Holistic ApproachJuniper Networks
 
Smart Solutions for Smart Communities: What's Next & Who's Responsible?
Smart Solutions for Smart Communities: What's Next & Who's Responsible?Smart Solutions for Smart Communities: What's Next & Who's Responsible?
Smart Solutions for Smart Communities: What's Next & Who's Responsible?Juniper Networks
 
Are You Ready for Digital Cohesion?
Are You Ready for Digital Cohesion?Are You Ready for Digital Cohesion?
Are You Ready for Digital Cohesion?Juniper Networks
 
Juniper vSRX - Fast Performance, Low TCO
Juniper vSRX - Fast Performance, Low TCOJuniper vSRX - Fast Performance, Low TCO
Juniper vSRX - Fast Performance, Low TCOJuniper Networks
 
SDN and NFV: Transforming the Service Provider Organization
SDN and NFV: Transforming the Service Provider OrganizationSDN and NFV: Transforming the Service Provider Organization
SDN and NFV: Transforming the Service Provider OrganizationJuniper Networks
 
Navigating the Uncertain World Facing Service Providers - Juniper's Perspective
Navigating the Uncertain World Facing Service Providers - Juniper's PerspectiveNavigating the Uncertain World Facing Service Providers - Juniper's Perspective
Navigating the Uncertain World Facing Service Providers - Juniper's PerspectiveJuniper Networks
 
vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks Juniper Networks
 
NFV Solutions for the Telco Cloud
NFV Solutions for the Telco Cloud NFV Solutions for the Telco Cloud
NFV Solutions for the Telco Cloud Juniper Networks
 
Juniper SRX5800 Infographic
Juniper SRX5800 InfographicJuniper SRX5800 Infographic
Juniper SRX5800 InfographicJuniper Networks
 
Infographic: 90% MetaFabric Customer Satisfaction
Infographic: 90% MetaFabric Customer SatisfactionInfographic: 90% MetaFabric Customer Satisfaction
Infographic: 90% MetaFabric Customer SatisfactionJuniper Networks
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastJuniper Networks
 
High performance data center computing using manageable distributed computing
High performance data center computing using manageable distributed computingHigh performance data center computing using manageable distributed computing
High performance data center computing using manageable distributed computingJuniper Networks
 

Plus de Juniper Networks (20)

Why Juniper, Driven by Mist AI, Leads the Market
Why Juniper, Driven by Mist AI, Leads the Market Why Juniper, Driven by Mist AI, Leads the Market
Why Juniper, Driven by Mist AI, Leads the Market
 
Experience the AI-Driven Enterprise
Experience the AI-Driven EnterpriseExperience the AI-Driven Enterprise
Experience the AI-Driven Enterprise
 
How AI Simplifies Troubleshooting Your WAN
How AI Simplifies Troubleshooting Your WANHow AI Simplifies Troubleshooting Your WAN
How AI Simplifies Troubleshooting Your WAN
 
Real AI. Real Results. Mist AI Customer Testimonials.
Real AI. Real Results. Mist AI Customer Testimonials.Real AI. Real Results. Mist AI Customer Testimonials.
Real AI. Real Results. Mist AI Customer Testimonials.
 
SD-WAN, Meet MARVIS.
SD-WAN, Meet MARVIS.SD-WAN, Meet MARVIS.
SD-WAN, Meet MARVIS.
 
Are you able to deliver reliable experiences for connected devices
Are you able to deliver reliable experiences for connected devicesAre you able to deliver reliable experiences for connected devices
Are you able to deliver reliable experiences for connected devices
 
Stop Doing These 5 Things with Your SD-WAN
Stop Doing These 5 Things with Your SD-WANStop Doing These 5 Things with Your SD-WAN
Stop Doing These 5 Things with Your SD-WAN
 
Securing IoT at Scale Requires a Holistic Approach
Securing IoT at Scale Requires a Holistic ApproachSecuring IoT at Scale Requires a Holistic Approach
Securing IoT at Scale Requires a Holistic Approach
 
Smart Solutions for Smart Communities: What's Next & Who's Responsible?
Smart Solutions for Smart Communities: What's Next & Who's Responsible?Smart Solutions for Smart Communities: What's Next & Who's Responsible?
Smart Solutions for Smart Communities: What's Next & Who's Responsible?
 
What's Your IT Alter Ego?
What's Your IT Alter Ego?What's Your IT Alter Ego?
What's Your IT Alter Ego?
 
Are You Ready for Digital Cohesion?
Are You Ready for Digital Cohesion?Are You Ready for Digital Cohesion?
Are You Ready for Digital Cohesion?
 
Juniper vSRX - Fast Performance, Low TCO
Juniper vSRX - Fast Performance, Low TCOJuniper vSRX - Fast Performance, Low TCO
Juniper vSRX - Fast Performance, Low TCO
 
SDN and NFV: Transforming the Service Provider Organization
SDN and NFV: Transforming the Service Provider OrganizationSDN and NFV: Transforming the Service Provider Organization
SDN and NFV: Transforming the Service Provider Organization
 
Navigating the Uncertain World Facing Service Providers - Juniper's Perspective
Navigating the Uncertain World Facing Service Providers - Juniper's PerspectiveNavigating the Uncertain World Facing Service Providers - Juniper's Perspective
Navigating the Uncertain World Facing Service Providers - Juniper's Perspective
 
vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks
 
NFV Solutions for the Telco Cloud
NFV Solutions for the Telco Cloud NFV Solutions for the Telco Cloud
NFV Solutions for the Telco Cloud
 
Juniper SRX5800 Infographic
Juniper SRX5800 InfographicJuniper SRX5800 Infographic
Juniper SRX5800 Infographic
 
Infographic: 90% MetaFabric Customer Satisfaction
Infographic: 90% MetaFabric Customer SatisfactionInfographic: 90% MetaFabric Customer Satisfaction
Infographic: 90% MetaFabric Customer Satisfaction
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning Fast
 
High performance data center computing using manageable distributed computing
High performance data center computing using manageable distributed computingHigh performance data center computing using manageable distributed computing
High performance data center computing using manageable distributed computing
 

Dernier

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 

Dernier (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 

What's Next in the Path to the Cloud?

  • 1. 1 WHAT’S NEXT IN THE PATH TO THE CLOUD? From Server Huggers to Cloud Addicts to the Optimized Data Center Network From Server Huggers to Cloud Addicts Once upon a time, IT needed to convince application owners to virtualize their servers instead of hanging on to a dedicated physical server. Now, many IT shops have won that battle, with Virtual Machines (VMs) becoming the de facto standard, and old “server hugger” application owners increasingly sold on the benefits of server virtualization. The End of Server Huggers: Key Benefits of Past Server Virtualization Projects1 None of the above 70% 70% 51% 49% 43% 4% Energy savings OpEx Easy maintenance Business operational efficiency Flexibility and speed of rolling out new services Hardware savings CapEx With the availability of new IT infrastructures and cloud services that are faster than ever before, a new set of expectations around speed, agility, and time to market have been established. Today’s “cloud addict” application owners expect instant provisioning of compute, storage, and network resources, and business managers increasingly cringe at the possibility of infrastructure constraints. Figure 1: Survey results: Company benefits from past virtualization projects 1 Source: IDG CIO Virtualization Quickpoll, Sponsored by Juniper Networks, Nov 2011, Base: 138 qualified respondents
  • 2. 2 Cloud Addicts dictate success attributes for future virtualization projects2 Energy savings OpEx Hardware savings CapEx Easy maintenance Business operational efficiency Flexibility and speed of rolling out new services Significant increaseChange in importance: Slight increase No change Slight decrease Significant decrease Figure 2: Survey results: Anticipated impacts of future virtualization projects. For infrastructure architects and managers, the next phase of virtualization will require balancing the workflow demands of cloud addicts, while continuing to migrate legacy applications and services onto a virtualized infrastructure that is optimized for efficiency. As seen in Figure 2, while business agility determines the success of future virtualization projects, improving efficiency and reducing maintenance burdens are also rising in importance. The Security and Management of Cloud Addicts If left unchecked, cloud addicts (or even regular IT staff) have been known to spin up virtual machines with wild abandon causing VM sprawl. Or perhaps they create VM with unique configurations rife with security vulnerabilities and compliance violations. Meanwhile, VM-to- VM communications are able to bypass the long trusted presence of the physical firewall located multiple network stops away. Finally, as the importance of the applications in a virtualized environment rises, the old security models need to be revisited to ensure that only infrastructure resources are shared. Key questions to ask: • As more important applications are virtualized, how will you evolve the security model to protect business critical applications? • Can IT staff or others create virtual machines with inconsistent and/or vulnerable virtual machines? • Can you secure VM-to-VM traffic without constraining the number of virtual machines per host or the performance of the applications? The Cloud Addict Push Toward Shared Compute—Time to Optimize After the first several rounds of server consolidation, many VMs rarely move off or require human intervention. In this mode of operation, compute resources are used more efficiently and flexibly, but cannot be used as a shared and common pool of resources for other applications that need them. Even if the notion of a shared pool of compute resources is too aggressive, the tendency for application owners to overestimate the resources used by an application can lead to significant over provisioning, as the percentage of virtualized workloads approaches 100%. 2 Source: IDG CIO Virtualization Quickpoll, Sponsored by Juniper Networks, Nov 2011, Base: 138 qualified respondents
  • 3. 3 Key questions to ask: • How quickly can VMs be moved in your data center? • Can VMs be moved without threatening performance or availability of all applications? • Can you measure the resources used by applications over time to determine the true needs versus the estimated needs of the application set? • Do you need to build your infrastructure to handle peak loads or average loads with the use of cloud services for peaks? Table 1: Summary of Data Center Changes and the Impact on the Network Infrastructure Element Change (Old vs. New) Network Impact (Old vs. New) IT infrastructure availability Old: Delivered by IT Old: Static connections inside and between data centers New: Globally resilient, obtained via cloud service and/or delivered by IT from multiple data centers New: Dynamic connections inside and between data centers Application architectures Old: Client/server Old: Data center networks optimized for client/server (north-south) traffic New: Distributed components combined into services New: Data center networks optimized for server-to-server and server-to-storage (east-west) traffic Compute Old: One physical server per app Old: Each application’s compute and data stays physically in one place New: One virtual machine per app on shared physical compute New: Virtual machines can move around the data center based on demand Storage Old: Physical storage dedicated to a single application (direct attach) or small number of applications (storage area network) Old: Separate and dedicated storage networks with access governed by cabling New: Virtualized storage and master data initiatives dictate common pools of data available to all applications New: Data physically connected to every app, with access governed by policy; requires low latency, low jitter networks to minimize the network distance between processor and disk Security and network services Old: The “castle with a drawbridge model” that places a large appliance dedicated to a particular service between the router and the server Old: Stack network appliances in a conga line specific to particular network segments New: The “hotel model,” with multiple layers of security; applications housed in rooms with different resources, (penthouse vs. ballroom, etc.) New: A pool of network and security services available to all traffic flows combined with firewall services built to gain visibility and security for VM-to- VM traffic without constraining app performance or compute efficiencies. As we have seen, location matters In a legacy network. Resources that need each other have to be placed next to each other, and the physical location of a virtualized application resource inside a data center can have a significant impact on application performance, security, and the agility of distributed applications. Components of an application are also optimally placed in the same vicinity and ideally behind a single switch. In the future, service-oriented architectures will require that all assets in the data center have connectivity to all other assets.
  • 4. 4 Figure 3: Building a larger bubble for optimal performance Larger Bubbles Are Needed When application assets are placed behind a single switch, the communication between application components is fast and more importantly predictable and consistent (see the left side of Figure 3). Sometimes this happens by design; sometimes it is happenstance due to project-based infrastructure build out. As you can see in the right side of Figure 3, when an application component (generally a VM) is placed farther away from the other components, latency increases along with unpredictability of the traffic as other applications come barreling through the network. Unfortunately, physical distance is not always the best indicator of network distance. Bubble Optimal performance Application assets behind a single switch Network distance introduces unpredicatability and latency One Hop One HopVM VM Traditional Security Models Fail Traditional security models don’t work well in a post virtualization world. Like network connectivity, security architectures were built for largely static IT infrastructures. Every year, another threat seems to arise and the conga line of appliances sit at the drawbridge of the castle filtering, inspecting, and blocking traffic as it exits and enters the data center. These appliances cast a shadow across the network as a whole, if they can even keep up, or across branches of the network where a particular security service is needed.
  • 5. 5 The Infrastructure Evolution Imperative Just like with changes in application, compute, and storage, infrastructure architects expect to get better economics and more agility, efficiency, and performance for their infrastructure investments. Cloud and virtualization technologies are driving the first major change in data center network architectures in 20 years. This means the number of options from the incumbent established vendors and start-ups is exploding, while the gravity of the decisions data center architects and network engineers need to make dictate the future capabilities of their data center operations. Managing IT Agility: Choosing data center network architectures, and the software and hardware that enable those architectures, has become a critical task. And there are a number of challenges that come with the scale of the environment, the capacity and speeds of server and storage equipment, and future growth needs. There are two architectural options for data centers that seek to optimize the network for virtualized compute, distributed applications, and scale-out needs such as big data clusters. The best option would be indicated based on the scale and capacity of the environment. Managing Security: The quandary for any security architecture is how to reduce risk without inhibiting the agility of the business, while at the same time ensuring that the costs of security don’t increase faster than the growth in the types of threats that need to be mitigated. With products like virtual gateways, data center managers gain visibility and the tools needed to enforce both physical and virtual flows, and they can create secure zones that can be enforced on all flows in a mixed traditional and VMware environment. Simplifying the Network: Data center managers don’t just want a status quo network, or a cheap network, they want a high performing network built for a virtualized data center environment. New network architectures can improve application performance, while reducing the network’s footprint and complexity. They can be optimized for server-to-server and server- to-storage traffic, and they also enable the use of network virtualization to replace multiple dedicated data center-to-data center links with fewer wide area connections. Figure 4: Shadows create blind spots in a post virtualization world Shadow Shadows worked pre-virtualization with static apps Post-virtualization, traditional security models fail Shadow Appliances and VLANs Appliances and VLANs VM to VM blind spot VM VM VM VM moved outside assigned VLAN and security zone
  • 6. 63200014-001-EN Oct 2012 Copyright 2012 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. EMEA Headquarters Juniper Networks Ireland Airside Business Park Swords, County Dublin, Ireland Phone: 35.31.8903.600 EMEA Sales: 00800.4586.4737 Fax: 35.31.8903.601 APAC Headquarters Juniper Networks (Hong Kong) 26/F, Cityplaza One 1111 King’s Road Taikoo Shing, Hong Kong Phone: 852.2332.3636 Fax: 852.2574.7803 Corporate and Sales Headquarters Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA Phone: 888.JUNIPER (888.586.4737) or 408.745.2000 Fax: 408.745.2100 www.juniper.net Printed on recycled paper Key questions to ask: • Do you have a common operating system and operational model across your entire data center network? • When connecting data centers, can you not only virtualize multiple networks over a shared MPLS service, but also enable granular traffic engineering over each virtualized link, enabling customers to confidently replace expensive dedicated links with less expensive MPLS services or private wide area networks? • When refreshing 1GbE servers or adding 10GbE servers, are you able to offload rack-to-rack traffic and achieve scale that used to require three tiers of switching with only two tiers? This removal of the aggregation tier can save up to 30% of CapEx and OpEx network cost. • When building a 10GbE server data center or POD, does your architecture allow you to optimize for server-to-server and server-to-storage connectivity? An industry-leading switch fabric can give you the simplicity of multiple switches behaving and being managed like a single switch, very high performance, and the resilience and scale expected from a network of autonomous devices. Conclusion As IT organizations embrace server virtualization and move to the cloud, the changes they make might begin on legacy networks but will eventually require transformational change. In the new data center, IT infrastructure will need to be globally resilient, delivered via cloud services or by IT from multiple data centers. The data center network will be optimized for east-west traffic, and VMs will be able to move around based on demand, or there will be one VM per app on shared physical compute. Virtualized storage and master data initiatives will dictate common pools of data available to all applications. Data will be physically connected to every app, with access governed by policy. And a pool of network and security services will be available to all traffic flows, combined with firewall services built to gain visibility and security for VM-to-VM traffic without constraining app performance or compute efficiencies. This is the promise of the new network as we move from legacy systems to the efficiencies of the cloud.