I recently spoke with Extreme Networks about its data center networking strategy. One of the highlights for me was Extreme's plan to embrace the Virtual Ethernet Port Aggregator (VEPA) standard being developed in the IEEE. In simple terms, VEPA off-loads all switching activities from today's hypervisor-based virtual switches to actual physical switches. There is a bit of debate between HP and Cisco over whether this switching should occur at an edge or aggregation switch (note: I like HP's approach), but suffice it to say that each vendor's goal is similar.

What's the big deal about VEPA? According to ESG Research, most enterprises run between 5 and 10 VMs across one virtual switch on each physical server. Pretty elementary stuff, but moving forward it is likely that the VM-to-server ratio will increase, and as it does, server-based networking will have to become more sophisticated. Imagine a physical server running 30 VMs, for example. This might require several virtual switches, VLANs, QoS tags, security zones, etc. This network processing will add a lot of overhead to Intel-based servers and require a lot more networking functionality for hypervisors.

VEPA proposes an alternative approach where servers remain servers (i.e. for application processing), provide hypervisor visibility to the network, and simply delegate switching tasks to physical switches. To me, this makes a ton of sense from a security and networking perspective. If next-generation switches support VEPA, it should make the whole virtual data center/cloud migration a lot more straightforward.

My one suggestion would be some type of alignment between VEPA and OVF (i.e. Open Virtualization Format). OVF is a proposed metadata standard to describe the properties of a VM. When a VM moves from one server to another local, remote, or cloud-based server, OVF could provide VM tags that describe networking properties to other VEPA switches (VLAN tags for example). Combined, VEPA and OVF could help automate networking and security operations associated with virtualization and cloud. If virtualization is really the road to true cloud computing, virtualization intelligence sharing is critical for network engineering and security. VEPA is a step in the right direction toward this goal.
Interesting IEEE effort could help align virtualization, networking, and security