VMWorld 2019 is in the books now, and as is the case with previous incarnations of the event, we were treated a wide range of new products from the host company and its partners. One of the more intriguing partner announcements that flew under the radar was from intent-based networking (IBN) vendor Apstra, whose product can help customers get VMware’s SDN solution, NSX-T, deployed faster with less risk.
Go here to see eWEEK’s Resource Page on Intent-Based Networking.
For those not familiar with NSX-T, the product is similar to its flagship product, NSX, but works in multi-vendor environments. This matches up well with Apstra’s value proposition of being the only network vendor to offer a vendor agnostic solution.
NSX-T is compelling but has same deployment challenges
VMware’s NSX-T brings tremendous benefits to data center network by creating virtual network and security overlays to the physical underlay. The software-defined network and security services enables organizations to deploy services much faster than if they had to configure the hardware. It’s this increased agility that can bring the network into alignment with the rest of the IT stack, much of which has already been modernized.
However, as is the case with most things in life, NSX-T isn’t perfect and creates the following challenges for the IT organizations:
- Inability to manage the integration gaps between the underlay physical network and overlay network NSX holistically and efficiently. These “blind spots” play havoc with ongoing management and troubleshooting;
- Intent synchronization of NSX virtual network services with physical network such as MTU, VLAN, LAG, etc. tend to be manual, cumbersome and error-prone;
- Inability to easily enforce, automate consistent security and network policies across physical and virtual workloads as well as physical and virtual NSX network environments;
- Long delays in provisioning/de-provisioning apps as no common tools exist that could enable collaboration between network teams and NSX virtualization teams;
- Inability to respond quickly to potential issues, causing unacceptably slow MTTR due to misconfigurations and limited visibility into data center traffic between a virtual NSX overlay and underlay physical network; and
- Heterogeneous physical network environment and siloed network and virtual teams with no common tools for collaboration compound the overall challenges.
Apstra bridges the physical/virtual divide of NSX-T
The tight and seamless integration between NSX-T and the Apstra OS (AOS) speeds up deployment times, improves collaboration between IT teams and lowers operational costs via the following:
- Enabling NSX-T to operate efficiently in an open, heterogenous, underlay hardware agnostic environment;
- Delivering a single source-of-truth and dashboard for network, security, virtualization and cloud teams providing unified visibility across the physical underlay and the virtual overlay;
- Automated synchronization of network and security service-intent policies at the physical and virtual/NSX level for all workloads accelerating deployments. Apstra claims this can reduce Opex by 83% and accelerating MTTR by 70%. Given the manual nature of networking today, these numbers certainly seem reasonable;
- Validates NSX-T requirements for the physical infrastructure such as MTU, VLAN and LAG;
- Dynamically configures security policy enforcement and validation across bare metal and virtual workloads by extending NSX policies to ToR switches and bare metal servers;
- Immediate detection of anomalies and misconfigurations between the physical underlay and NSX virtual overlay;
- Cloud-scale remediation of anomalies from hours and days to minutes via a “single click” dashboard;
- Eliminates tickets that are a result of misconfigurations between physical and NSX/virtual networks; and
- Increases physical and virtual workloads availability and security based on defined service-intent policies in NSX-T.
Conclusion
After getting off to a bumpy start, VMware has legitimized itself as a legitimate network vendor during the past few years. The company has a lot of potential but VMware’s lack of awareness of the physical underlay holds it back. Apstra’s integration can bridge the gap between the underlay and virtual overlay and deliver intent based networking into multi-vendor environments.
Zeus Kerravala is an eWEEK regular contributor and the founder and principal analyst with ZK Research. He spent 10 years at Yankee Group and prior to that held a number of corporate IT positions.