Kris: ‘Next Generation Networking is a popular term with a broad meaning. Every sector and organisation gives its own twist and interpretation to this term. We too are working on Next Generation Networking and for us this entails focusing on the trend within networking. But what do we think the trend is? And how do we respond to it?
The trends: security and software defined networking
Within the world of networking, we see two major trends going on:
- Integration with security: everything today is about secure connections.
- Software defined networking: adding innovations nowadays is done increasingly less physically and more with software (and therefore virtually), with far-reaching automation possibilities as a side effect.
How does Fundaments integrate these innovations?
For us, Next Generation Networking is all about integrating security solutions and innovations into our network architecture this year. An important part of this is the deployment of VMware NSX-T. This allows us to enable full-stack network and security virtualisation. With NSX-T, we connect and protect applications in our Cloud infrastructure, including VMs, containers and bare metal servers. VMware NSX-T is a complete network and security virtualisation platform that enables us to protect and manage both Public Cloud and Private Cloud. This aligns seamlessly with our Multi Cloud strategy.
VMware NSX-T brings a number of great benefits for our customers:
Security through micro-segmentation
Thanks to micro-segmentation, applications are secured down to the individual workload. This way, not only does the virtual data centre get its own firewall, but a firewall can be configured to each component of an application. This creates very specific, multi-layered security that focuses on protecting all components of an application. So, when a security trigger occurs, it also enables very specific action to be taken and an individual component to be isolated in order to avoid further impact on the environment.
Security through IDS/IPS
IIntrusion Detection System (IDS) and Intrusion Prevention System (IPS) are automated systems that detect and take actions on unauthorised access to your network or machine. Because NSX-T IDS/IPS can be configured for each application component, it is possible to apply granular security rules for maximum grip on network security. By interfacing with firewalls, it is even possible to make security policies self-learning by using an application over a period of time and analysing the network traffic. Based on the analysis, a set of security rules can then be applied.
Advanced load balancer
Modern applications today are increasingly using a load balancer. This load balancer takes care of distributing load in the cluster where an application is running. This is another area where the next generation has been introduced: things like self-scaling, but also integration with analytics and web application firewalling, make scaling and load distribution intelligent. Therefore, scaling is truly usage-based and abuse is filtered out immediately. Smart scaling takes keeping an application available to the next level with this new generation. Current load balancers can be replaced or extended with a new NSX-T advanced load balancer (AVI) that has all the new features available.
All these techniques enable us to implement what is known as Zero Trust Security: in all layers of the network, at every location and for every application, it is possible to get a grip on the network traffic.
Cross-VDC networking
With the introduction of these innovations within the technology stack, a piece of complexity also arises. This is the very reason why it is important to also pay attention to management. Applications are growing in infrastructure demand, but also require more physical locations and different Cloud platforms. Fundaments provides a piece of convenience in that area too: using NSX-T, all the management in your VDC networks can be done from a single overview. Adding networks that need to be deployed and secured in multiple locations can therefore be done from one place. These Cross VDC networks are thus literally bridging multiple Clouds and making day-to-day management a lot easier.’
ABOUT KRIS
Kris is an enthusiastic Network Engineer who engulfs new technology and tests new ideas daily from the Office of the CTO. All optimisations that can be applied, he carefully plans them with the team of Cloud Engineers and subsequently, after extensive testing, deploys them. In doing so, he makes Fundaments' network resilient, versatile and easily manageable for our customers and his immediate colleagues.
