Cisco Virtual Network Management Center



Similar documents
Cisco Virtual Security Gateway for Nexus 1000V Series Switch

Cisco ASA 1000V Cloud Firewall

Cisco Nexus 1000V Switch for Microsoft Hyper-V

Cisco and Canonical: Cisco Network Virtualization Solution for Ubuntu OpenStack

Securing Virtual Applications and Servers

Cisco Prime Data Center Network Manager Release 7.0: Fabric Management for Cisco Dynamic Fabric Automation

Cisco Prime Data Center Network Manager Release 6.1

Cisco Prime Network Services Controller. Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems

Cisco UCS Central Software

Cisco Nexus 1000V Series Switches

Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments

VMware vcloud Director for Service Providers

VMware vcloud Networking and Security Overview

VMware vcloud Networking and Security

Cisco Network Services Manager 5.0

Cisco ACI Simulator Release Notes, Release 1.2(1i)

Business Benefits. Cisco Virtual Networking solutions offer the following benefits:

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.

Virtualization, SDN and NFV

Cisco Nexus 1000V Virtual Ethernet Module Software Installation Guide, Release 4.0(4)SV1(1)

OVERVIEW OF VIRTUAL FIREWALLS ON VBLOCK INFRASTRUCTURE PLATFORMS

Cisco Data Center Network Manager Release 5.1 (LAN)

Installing Intercloud Fabric Firewall

Understanding Cisco Cloud Fundamentals CLDFND v1.0; 5 Days; Instructor-led

Cisco Intercloud Fabric for Business

Cisco Intelligent Automation for Cloud

How To Extend Security Policies To Public Clouds

Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft

VMware for SMB environments(min st year)

The Advantages of Cloud Services

Cisco-Citrix Alliance

Cisco Data Center Network Manager for SAN

Introduction... 4 Purpose... 4 Scope... 4 Audience... 5 Feedback... 5

OnCommand Unified Manager 6.3

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

Cisco Expressway Series

Implementing and Troubleshooting the Cisco Cloud Infrastructure **Part of CCNP Cloud Certification Track**

Cisco Hybrid Cloud Solution: Deploy an E-Business Application with Cisco Intercloud Fabric for Business Reference Architecture

Cisco Application Control Engine in the Virtual Data Center

VMware vsphere 4.1. Pricing, Packaging and Licensing Overview. E f f e c t i v e A u g u s t 1, W H I T E P A P E R

Cisco Virtual Wide Area Application Services: Technical Overview

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Set Up a VM-Series NSX Edition Firewall

Cisco TelePresence Conductor

How Cisco IT Automated End-to-End Infrastructure Provisioning In an Internal Private Cloud

Contents UNIFIED COMPUTING DATA SHEET. Virtual Data Centre Support.

System Requirements and Server Configuration

OnCommand Performance Manager 1.1

VMware vcenter Log Insight Getting Started Guide

Federated Application Centric Infrastructure (ACI) Fabrics for Dual Data Center Deployments

OnCommand Unified Manager 6.2

Cisco Intercloud Fabric Getting Started Guide, Release 2.3.1

VIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers

Cisco Intelligent Automation for Cloud

Deliver Fabric-Based Infrastructure for Virtualization and Cloud Computing

Installation Guide Avi Networks Cloud Application Delivery Platform Integration with Cisco Application Policy Infrastructure

Cisco OverDrive Network Hypervisor 4.0

Cisco Intercloud Fabric Security Features: Technical Overview

EMC ENCRYPTION AS A SERVICE

VMware vsphere 4. Pricing, Packaging and Licensing Overview W H I T E P A P E R

Cisco Secure Control Access System 5.8

vcloud Air Disaster Recovery Technical Presentation

Datacenter Networking. Joy ABOIM Consulting System Engineer

Virtual Appliances. Virtual Appliances: Setup Guide for Umbrella on VMWare and Hyper-V. Virtual Appliance Setup Guide for Umbrella Page 1

Cisco Nexus 1000V Switches

Cloud Infrastructure Licensing, Packaging and Pricing

Installing and Configuring vcloud Connector

vshield Quick Start Guide

Installing and Using the vnios Trial

About the VM-Series Firewall

VMware vcenter Log Insight Getting Started Guide

VCE Vision Intelligent Operations Version 2.5 Technical Overview

EMC SYNCPLICITY FILE SYNC AND SHARE SOLUTION

Potecting your business assets in The Cloud, with. Secure Multitency Environment from CloudHPT.

VMware Identity Manager Connector Installation and Configuration

Software Defined Network (SDN)

CA ControlMinder for Virtual Environments May 2012

vshield Quick Start Guide vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0

Installing and Administering VMware vsphere Update Manager

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5

VMware vcloud Automation Center 6.1

Cisco License Manager 3.1

Rally Installation Guide

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments

Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments

Aerohive Networks Inc. Free Bonjour Gateway FAQ

Lecture 02b Cloud Computing II

INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT

OnCommand Performance Manager 2.0

CiscoWorks Resource Manager Essentials 4.3

vshield Administration Guide

Application Centric Infrastructure Object-Oriented Data Model: Gain Advanced Network Control and Programmability

SINGLE-TOUCH ORCHESTRATION FOR PROVISIONING, END-TO-END VISIBILITY AND MORE CONTROL IN THE DATA CENTER

vshield Installation and Upgrade Guide

CiscoWorks Resource Manager Essentials 4.1

Set Up a VM-Series NSX Edition Firewall

Transcription:

Data Sheet Cisco Virtual Network Management Center Introduction The dynamic nature of the cloud paradigm introduces new needs for automation, but it also facilitates new types of automation due to the infrastructure standardization that cloud enables. In fact, two primary characteristics of the cloud paradigm that advance IT efficiency are data center standardization and broad-reaching advanced automation. Organizations that are transitioning to cloud computing know that the principles of standardization and automation apply across the IT disciplines and affect all areas of the data center, including networking. The dynamic nature of today s data centers require IT organizations to apply and enforce frequent changes to networking infrastructures that consist of virtual service instances such as firewalls, load balancers, routers, and switches. Executing and enforcing such infrastructure changes properly and consistently requires networking solutions with advanced automation capabilities that give IT the ability to rapidly automate common infrastructure solutions from pre-defined or golden templates. These templates need to be applied through the network consistently and to IT s meticulous standards. The Cisco Virtual Network Management Center (VNMC) addresses those issues by automating processes, freeing staff to focus on optimizing the network environment. Cisco VNMC supports greater scalability along with standardization and consistent execution of policies. Ultimately Cisco VNMC supports the current shifts in IT, leading to more standardized, automated dynamic infrastructure and networks. As part of the larger Cisco Nexus 1000V Switch solution, this Unified Management solution complements the Cisco ASA 1000V Cloud Firewall and Cisco Virtual Security Gateway (VSG) for Nexus 1000V Series Switch. Product Overview Cisco VNMC is the primary element of Cisco Nexus 1000V Series Switches that can enable the switches to deliver transparent, scalable, and automation-centric network management for virtualized data center and cloud environments. Cisco Nexus 1000V Series Switches deliver highly secure multitenant services by adding virtualization intelligence to the data center network. These soft switches are built to scale for cloud networks. Support for Virtual Extensible LAN (VXLAN) helps enable scalable LAN segmentation and broader virtual machine (VM) mobility. Cisco VNMC can enable centralized management of Cisco virtual services to be performed by an administrator or programmatically through its GUI and XML API. Cisco VNMC is built on an information-model architecture in which each managed device is represented by its subcomponents (or objects), which are parametrically defined. This model-centric approach enables a flexible and simple mechanism for securing virtualized infrastructure using Cisco VSG and Cisco ASA 1000V Cloud Firewall virtual security services (Figure 1). 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 6

Cisco VNMC provides several important benefits that advance efficiency for administration teams and the network: Rapid and scalable deployment through dynamic, template-based policy management based on security profiles Transparent operation management through an XML API that can enable programmatic integration with third-party management and orchestration tools Collaboration across security and server teams while maintaining administrative separation and reducing errors through a consistent and repeatable deployment model Figure 1. Cisco VNMC Provides Centralized Device and Policy Management of Cisco VSG and the Cisco ASA 1000V Cloud Firewall in Virtual Data Centers and Multi-Tenant Private and Public Clouds As shown in Figure 1, VSG and ASA1000V address different aspects of securing the virtualized data center environments. VSG offers a zone-based firewalling solution for inter-vm traffic, while ASA1000V offers edgecentric security services (firewall, Network Address Translation [NAT], VPN, Dynamic Host Configuration Protocol [DHCP], et al.). Both have tight integration with Cisco Nexus 1000V and both have a single management platform (VNMC). Features and Benefits Consistent, Efficient Execution of Security Policies Cisco VNMC uses security profiles for template-based configuration of security policies. A security profile is a collection of security policies that can be predefined and applied on demand at the time of virtual machine instantiation. This profile-based approach significantly simplifies authoring, deployment, and management of security policies, including in a dense multi-tenant environment, while enhancing deployment agility and scaling. Security profiles also help reduce administrative errors and simplify audits. 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 6

The XML API for Cisco VNMC facilitates integration with northbound network provisioning tools for programmatic network provisioning and management of Cisco VSG and Cisco ASA 1000V. The option of programmatic control of Cisco VSG and Cisco ASA1000V can greatly simplify operation processes and reduce infrastructure management costs. Non-Disruptive Administration Model By providing visual and programmatic controls, Cisco VNMC can enable the security operations team to author and manage security policies for virtualized infrastructure and enhance collaboration with the server and network operations teams. This non-disruptive administration model helps ensure administrative segregation of duties to reduce administrative errors and simplify regulatory compliance and auditing. Cisco VNMC operates in conjunction with the Cisco Nexus 1000V Series Virtual Supervisor Module (VSM) to achieve the following workflow: Security administrators can author and manage security profiles and manage VSG and ASA 1000V instances. Security profiles are referenced in Cisco Nexus 1000V Series port profiles. Network administrators can author and manage port profiles, as well as manage Cisco Nexus 1000V Series distributed virtual switches. Port profiles with referenced security profiles are available in VMware vcenter through the Cisco Nexus 1000V Series VSM s programmatic interface with VMware vcenter. Server administrators can select an appropriate port profile in VMware vcenter when instantiating a virtual machine. Figure 2 displays how to manage security policies in a multi-tenant data center. Figure 2. GUI Screen Illustrating Security Policy Management in a Multi-Tenant Data Center 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 6

Efficient Management for Easier Scalability Cisco VNMC implements an information-model architecture in which each managed device, such as Cisco VSG or Cisco ASA 1000V, is represented by the device s object-information model. This model-based architecture helps enable the use of: Stateless managed devices - Security policies (security templates) and object configurations are abstracted into a centralized repository. Dynamic device allocation - A centralized resource management function manages pools of devices that are commissioned (deployed) in service and a pool of devices that are available for commissioning. This approach simplifies large-scale deployments because managed devices can be pre-instantiated and then configured on demand, and devices can be allocated and de-allocated dynamically across commissioned and noncommissioned pools. Scalable management - A distributed management-plane function is implemented using an embedded agent on each managed device that helps enable greater scalability. Table 1 details the primary features of Cisco VNMC and the benefits they promote. Table 1. Features and Benefits Feature Description Benefits Multiple-Device Management Cisco VNMC provides central management of Cisco VSG and ASA 1000V for Cisco Nexus 1000V Series Switches. Simplifies provisioning and troubleshooting in a scaledout data center. Security Profiles Stateless Device Provisioning Security Policy Management Context-Aware Security Policies A security profile represents the Cisco VSG or ASA1000V security policy configuration in a profile (template). The management agents in Cisco VSG and ASA 1000V are stateless, receiving information from Cisco VNMC. Security policies are authored, edited, and provisioned centrally. Cisco VNMC obtains virtual machine contexts from VMware vcenter. Simplifies provisioning, reduces administrative errors during security policy changes, reduces audit complexities, and helps enable a highly scaled-out data center environment. Enhances scalability Provides robust endpoint failure recovery without loss of configuration state Simplifies operation and management of security policies Helps ensure that security intent is accurately represented in the associated security policies Allows a security administrator to institute highly specific policy controls across the entire virtual infrastructure. Dynamic Security Policy and Zone Provisioning Cisco VNMC interacts with the Cisco Nexus 1000V Series VSM to bind the security profile to the corresponding Cisco Nexus 1000V Series port profile. When virtual machines are dynamically instantiated by server administrators and appropriate port profiles applied, their association with trust zones is also established. Helps enable security profiles to stay aligned with rapid changes in the virtual data center. Multi-Tenant (Scale-Out) Management Role-Based Access Control (RBAC) XML-Based API Cisco VNMC is designed to manage Cisco VSG and ASA 1000V security policies in a dense multi-tenant environment so that administrators can rapidly add and delete tenants and update tenant-specific configurations and security policies. RBAC simplifies operation tasks across different types of administrators, while allowing subject-matter experts to continue with their normal procedures. Cisco VNMC XML API allows external system management and orchestration tools to programmatically provision Cisco VSG and ASA 1000V. Reduces administrative errors, helps ensure segregation of duties in administrative teams, and simplifies audit procedures. Reduces administrative errors Enables detailed control of user privileges Simplifies auditing requirements Allows use of best-in-class management software Offers transparent and scalable operation management 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 6

Software Packaging and Installation Tables 2 and 3 describe how to obtain the software for Cisco VNMC. Table 2. Package Packages and Descriptions Description Open Virtualization Format (OVF) ISO Format Downloadable OVF virtual appliance in the form of a single file with the.ova extension Deployed with OVF templates and packages Downloadable ISO file that can be mounted on a virtual machine System Requirements Table 3. Component Components and Specifications Specification Cisco VNMC Virtual Appliance Hypervisor and Hypervisor Manager Web Browser (Client) Interfaces and Protocols 1 virtual CPU at 1.5 GHz RAM: 3 GB Hard disk (vdisk): 25 GB Network interfaces: 1 (management) VMware vsphere 4.1.0, and 5.0 with VMware ESX or ESXi VMware vcenter 4.1.0, and 5.0 Internet Explorer 9.0 or higher; Mozilla Firefox 11.0 or higher; and Chrome 18.0 or higher Adobe Flash Player plug-in 11.2 or higher XML API, HTTP/HTTPS, Lightweight Directory Access Protocol (LDAP), and syslog Licensing and Ordering VNMC is the management platform for VSG and ASA1000V, and is mandatory for those offerings. Although, VNMC is installed like a stand-alone product, it is offered as part of a bundle of either VSG or ASA1000V, and it is added automatically when ordering those products. Please contact your Cisco representative to help you determine and place the appropriate order for your particular environment. Service and Support Cisco Software Application Support plus Upgrades (SASU) is a comprehensive support service that helps you maintain and enhance the availability, security, and performance of your business-critical applications. Cisco SASU includes the following resources: Software updates and upgrades - The Cisco SASU service provides timely, uninterrupted access to software updates and upgrades to help you keep existing systems stable and network release levels current. Updated releases, including major upgrade releases that may include significant architectural changes and new capabilities for your licensed feature set, are available by software download from Cisco.com or by CD-ROM shipment. Cisco Technical Assistance Center (TAC) - Cisco TAC engineers provide accurate rapid diagnosis and resolution of software application problems to help you reduce outages and performance degradation. These specialized software application experts are trained to support Cisco VNMC. Their expertise is available to you 24 hours a day, 365 days a year, by telephone, fax, email, or the Internet. 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 6

Online support - Cisco SASU provides access to a wide range of online tools and communities to help you resolve problems quickly, support business continuity, and improve competitiveness. For More Information For additional information about Cisco VNMC and related products, please visit the following links: Intelligent Automation Software: http://www.cisco.com/go/ia Cisco Virtual Network Management Center: http://www.cisco.com/go/vnmc Cisco Virtual Security Gateway: http://www.cisco.com/go/vsg Cisco ASA 1000V Cloud Firewall: http://www.cisco.com/go/asa1000v Cisco Nexus 1000V Series Switches: http://www.cisco.com/go/nexus1000v Cisco NX-OS Software: http://www.cisco.com/go/nxos VMware vsphere: http://www.vmware.com/go/vsphere Printed in USA C78-618245-04 08/12 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information