04-13-2012 10:26 PM
I am tasked with comeing up with a VMWare based solution for a very convetional data center, The virtualization would be on VMWare and I am looking towards for deploying 2 VDX 6720's to facilitate VMMotion and ISCSI base storage access. I have attached a draft schematic of the existing topology and the planned new topology and would much appreiate your comments to enhance the same...the number of server to be virtualised are around 12 and there would be 2 WMWare servers in the final deployment
The concern the customer has on the maintance of the security contexts of the servers and also as to the routeing would work across the VDX 6720's..
Thanks in Advance..
04-15-2012 12:51 AM
Looking at the specs the VDX supports routing and interoperability with other vendors.
The concern the customer has on the maintance of the security contexts of the servers
In what context? Is it the SAN LAN convergence? Firewall?
Proposed solution could be dropped into one off the security levels as they exist if you want to.
04-15-2012 08:59 AM
Thanks for the response, the customer is looking at mainlining the same security conetxts (security zones) off the firewall for the virtualised servers...
thanks in advance..
04-15-2012 09:28 AM
Security principals you assign/design for physical machines apply to virtuals as well, no difference on that parts.
How many security zones are you planning to visualize? If it's 2 or three you could opt to install a CNA/NIC per zone/per esx host. Otherwise you can trunk the vlans to your ESX hosts and tag them there.
04-16-2012 08:02 AM
Thanks for the update well there would be around 3 security zones all together... could you please elaborate on the trunking the VLANS for the ESX host and the tagging process..
04-16-2012 08:54 AM
Well Ethernet is not my strong point, but a trunk is basically a connection that carries all/multiple VLAN's.
You can use ESX to assgn VM's to the appropiate VLAN.