Today, with a joint webcast, VMware, Cisco and NetApp announced a new partnership.
The three companies created an architectural blueprint, and they jointly own the intellectual property (IP) of it, called Secure Multi-Tenancy.
It’s available today, since it doesn’t include any new product or technology, ready to be implemented and deployed through partners.
The announcement is nowhere near the launch of the Virtual Computing Environment coalition that VMware, Cisco and EMC used to shake the market in November 2009, but takes a similar approach in offering pre-tested and validated computing stacks.
Specifically, the fault-tolerant architecture includes VMware vSphere and vShield, Cisco Unified Computing System (UCS), the Nexus 1000V virtual switch and MDS Switches, and NetApp
MultiStore with Data Motion technology:
VMware, Cisco and NetApp designed the architecture around four principles:
- Availability allows the infrastructure to meet the expectation of compute, network, and storage to always be available even in the event of failure. Like the Secure Separation pillar, each layer has its own manner of providing a high availability configuration that works seamlessly with adjacent layers. Security and availability are best deployed from a layered approach.
- Secure Separation ensures one tenant does not have access to another tenant’s resources, such as virtual machine (VM), network bandwidth, and storage. Each tenant must be securely separated using techniques such as access control, VLAN segmentation, and virtual storage controllers. Also, each layer has its own means of enforcing policies that help reinforce the policies of the adjacent layers.
- Service Assurance provides isolated compute, network, and storage performance during both
steady state and non-steady state. For example, the network can provide each tenant with a certain bandwidth guarantee using Quality of Service (QoS), resource pools within VMware help balance and guarantee CPU and memory resources, while FlexShare can balance resource contention across storage volumes. - Management is required to rapidly provision and manage resources and view resource availability. In its current form, each layer is managed by vCenter, UCS Manager, DC Network Manager, and NetApp Operations Manager, respectively.
Compared to the VMware-Cisco-EMC Vblock computing stack, this solution seems to lack a unified management console that can coordinate all the other pieces (in the VCE Vblocks that piece exists: it’s the EMC Ionix Unified Infrastructure Manager) but the description above seems to suggest that future generations will have something different.
Overall, the blueprint is really interesting and customers may welcome this new attempt to reduce their investment in the design phase. The only problem is that the customer’s security department has to trust vShield, a virtual firewall that VMware acquired from the startup Blue Lane Technology in November 2008 and that was launched in early 2007.