
eBOOK

DATA CENTER

THE STATE OF THE VIRTUALIZED DATA CENTER


CHAPTER 1: Business Trends
CHAPTER 2: SDN & Virtualization
CHAPTER 3: Virtualization: Why You Need a Simplified Architecture
CHAPTER 4: Business Continuity and Disaster Recovery
CHAPTER 5: Physical and Virtual Security
CHAPTER 6: Management and Automation
CONCLUSION


CHAPTER 1: BUSINESS TRENDS


AGILITY. It's impossible to read an article in the trade press or attend a webinar without the word coming up. And thanks to the increased adoption of virtualization, IT leaders have gotten a taste of what it means to be agile. Organizations today increasingly look to the data center network for competitive differentiation. It's no longer just about speeds and feeds and big pipes. Virtualization has changed that equation.

Case in point: The results of the 2013 Computerworld State of the Enterprise survey [1] suggest that IT departments are becoming adept at linking even routine investments, like networking, to business objectives. When asked how important infrastructure technologies were to creating a competitive advantage for their companies, a majority of respondents rated data center-related technologies, including IT and network services management (57 percent) and virtualization (56 percent), as either very important or critical.

IMPORTANCE OF INFRASTRUCTURE TECHNOLOGIES TO CREATING A COMPETITIVE ADVANTAGE FOR COMPANIES
IT and network services management: 57%
Virtualization: 56%

That emphasis is showing up in investment plans for the network and data center. The 2012 Network World State of the Network study [2] showed 34 percent of the respondents were ready to roll out or were planning to roll out, 17 percent were investigating what direction to take, and 30 percent were already fully deployed.

NETWORK/DATA CENTER INITIATIVES
Desktop/storage/network virtualization
New to us: 4%
Investigating what direction to take: 17%
Ready for rollout within next 12 months: 18%
Planning for rollout in next 1-3 years: 16%
Fully deployed: 30%
Not on our radar: 15%


These plans are being built on a proven track record for virtualization: Over the past decade, data center agility has dramatically increased with the virtualization of compute and storage resources. Applications have transitioned from client/server architectures, where each application was tied to a specific physical server, to virtualized architectures where software abstracts the application from the physical server, allowing the application to reside literally anywhere. Storage, meanwhile, has transitioned from physical resources dedicated to specific applications or servers to shared pools.

But IT understands that the infrastructure is not as agile as it could be, or as it needs to be. While data center agility has greatly increased due to application, server and storage virtualization, the IT infrastructure is still not agile enough to meet business demands. The problem is the network. Virtualization is dependent on the network, and the network is incredibly complex. So complex, in fact, that it brings resource provisioning to a standstill. It's not just network virtualization that's being held back; this holds true across all virtualization strategies. A 2013 survey conducted by Network World on behalf of Juniper Networks showed that at least half of IT leaders said network complexity is holding back virtualization for networks, storage, applications and servers.

This e-book looks at the virtualization trends uncovered in the survey conducted by Network World on behalf of Juniper Networks and offers advice for optimizing data center agility through network virtualization in a simple, open, smart manner.

Virtualization is dependent on the network, and the network is incredibly complex. At least half of IT leaders said network complexity is holding back virtualization for networks, storage, applications and servers.
SOURCE: 2013 SURVEY CONDUCTED BY NETWORK WORLD ON BEHALF OF JUNIPER NETWORKS

[1] Computerworld, 2013 State of the Enterprise Survey. http://marketing.computerworld.com/CW_State_of_Enterprise_2013.pdf

[2] Network World, 2012 State of the Network Study. http://marketing.networkworld.com/pdf/NWW_StateoftheNetwork_2012.pdf


CHAPTER 2: SDN & VIRTUALIZATION


Organizations are increasingly considering software-defined networking (SDN) to reduce the complexity of network operations. In fact, more than half of the respondents to the Network World survey said they are either currently evaluating or plan to evaluate SDN in the next 24 months as a way to automate and simplify network operations.

MORE THAN ONE-HALF WILL EVALUATE SDN WITHIN THE NEXT 2 YEARS.

Respondents in the finance, education and high tech industries are more likely than those in manufacturing to be evaluating or have plans to evaluate SDN.

In the process of evaluating: 18%
Will evaluate in the next 12 months: 16%
Will evaluate 12-24 months from now: 18%
TOTAL: 52%

SDN enables direct programmatic control of the network (in line with end-user application needs) rather than programming around the network. Here's how: SDN separates the network control plane from the data plane. In other words, control of the network is taken out of individual network elements and centralized in a controller. Instead of individually managing and configuring devices on the network, network administrators can automate and centrally manage them via the controller, which provides complete visibility into the network. What's more, SDN gives network administrators more granular control. They can prioritize, de-prioritize and block specific types of packets without having to touch individual network switches.

Unfortunately, deploying SDN technologies isn't without its challenges. Nearly half of survey respondents say an IT skills gap is the biggest challenge they have encountered or expect to encounter when deploying SDN, and for good reason. In a software-defined network, applications at Layer 7 can interact and automate down to Layer 2. As a result, network engineers must think more broadly about the decisions they are making. They must be able to architect workloads across multiple pieces of infrastructure and determine how those workloads should be treated under varying conditions. In addition, as the network becomes increasingly automated, network architecture and design skills will become increasingly valuable.


NEARLY ONE-HALF HAVE ENCOUNTERED OR EXPECT TO ENCOUNTER IT SKILL GAPS WHEN DEPLOYING SDN TECHNOLOGIES. ORGANIZATIONS ALSO CITE THE LACK OF PROVEN ROI AS A TOP OBSTACLE TO DEPLOYMENT.

Challenges Encountered/Expect to Encounter in Deploying Software-Defined Networking Technologies
IT skill gaps: 49%
Unsure of ROI/immature technology: 48%
Integrating with current technology: 43%
Staff resource constraints: 39%
Cultural barriers within IT (change management): 26%
Business disruption/downtime during transition: 24%

The lack of a proven return on investment (ROI) is the second biggest challenge organizations report facing when deploying SDN technologies. However, there are plenty of quantifiable benefits that organizations can use to determine the ROI for their SDN deployment. For example, organizations should consider the efficiency gains SDN enables and the impact they have on the organization's ability to deliver IT services faster. Organizations can also factor in lower operating expenses as a result of centralizing network management. They also stand to reduce capital expenditures by becoming less dependent on proprietary hardware, dedicated appliances and application-specific devices.


CHAPTER 3: VIRTUALIZATION: WHY YOU NEED A SIMPLIFIED ARCHITECTURE


Virtualization is maturing, and organizations are realizing its benefits. More than half of the respondents to the Network World survey report full or pervasive virtualization at their organizations. The increased virtualization and outsourcing to the cloud is most often being driven by business-continuity and disaster-recovery (BC/DR) initiatives. The desire to improve application performance and agility is also a top driver. Meanwhile, in larger companies, anticipated cost savings, as well as moves, consolidations and mergers, are more likely to be driving virtualization and cloud initiatives.

But getting virtualized has its challenges. The majority of respondents report that network complexity is a barrier to increased virtualization. This is because the network cannot keep up with the speed of change made possible by server virtualization and cloud computing. Servers can be spun up in hours, even minutes, but network resources require days or weeks, with multiple touch points often handled by multiple people. The complexity of the network has made it a bottleneck.

And that brings us to another challenge organizations encounter when virtualizing: IT silos. Networking, storage, server and application teams work independently, doing their part to prepare an IT resource for user consumption, then pushing it along to the next group with minimal automation.

Many of today's organizations understand the need to reduce network complexity before embarking on a network virtualization project. That means preparing both the network itself and the staff responsible for the network. Case in point: Nearly 50 percent of survey respondents said they plan to change the structure of their IT organizations to accelerate virtualization and cloud. Among organizations with more than 1,000 employees, that percentage reaches 67 percent. These organizations are either consolidating or merging IT teams or silos (e.g., networking, storage, server and/or application teams), or creating new IT teams dedicated to re-architecting the network.

NEARLY 50% HAVE PLANS TO CHANGE THE IT STRUCTURE TO ACCELERATE VIRTUALIZATION AND CLOUD. ONE IN FIVE ARE CREATING NEW IT TEAMS DEDICATED TO RE-ARCHITECTING THE NETWORK.

Plans for Changing IT Structure to Accelerate Virtualization and/or Cloud Initiatives over Next 12 Months
Consolidating/merging IT teams or silos (e.g., networking, storage, server, application teams): 37%
Creating a new IT team dedicated to re-architecting the network: 20%
Creating other new IT teams: 7%
Other: 3%
No changes planned to IT's structure: 51%

As far as the network itself goes, 56 percent of organizations plan to make changes or upgrades to the network to better support virtualization. This is incredibly important because the physical network serves as the foundation for the virtual network. Any issues in the physical network are likely to manifest in the virtual network as well. The physical network must have certain characteristics before it is virtualized. For example, the physical network must enable any-to-any connectivity with fairness and non-blocking behavior. This ensures deterministic performance of the virtual network on top of the physical network, and that network behavior will not change based on the location of a virtual machine (VM). The physical network must also be low latency and low jitter, and have no packet drops under congestion.

When it comes to upgrading the network, 30 percent of organizations prefer a full solution stack when choosing network vendors. The remaining respondents prefer best-of-breed solutions or do not have a strong preference. Furthermore, nearly seven in 10 organizations are likely to outsource components when making network upgrades/improvements, including solution implementation (40 percent), network design (35 percent) and post-implementation support (32 percent).

MORE THAN HALF (56%) ARE PLANNING TO MAKE CHANGES OR UPGRADES TO THE NETWORK IN ORDER TO BETTER SUPPORT VIRTUALIZATION, WHILE 2% WILL VIRTUALIZE THE ENTIRE NETWORK.

Plans for Changes/Improvements to Network to Accelerate Virtualization and/or Cloud Initiatives over Next 12 Months
We are planning significant changes or upgrades to the network in order to better support virtualization in other areas: 17%
We are planning moderate changes or upgrades to the network in order to better support virtualization in other areas: 39%
We are planning to virtualize the entire network: 2%
Minimal changes or improvements to the network are planned: 36%
Don't know: 6%


CHAPTER 4: BUSINESS CONTINUITY AND DISASTER RECOVERY


Nearly all survey respondents report that BC/DR is a consideration when planning network changes or upgrades. More specifically, organizations most often consider network availability, network security and user connectivity.

NEARLY ALL RESPONDENTS REPORT BC/DR IS A CONSIDERATION WHEN PLANNING NETWORK CHANGES OR UPGRADES. ORGANIZATIONS MOST OFTEN CONSIDER NETWORK AVAILABILITY, NETWORK SECURITY AND USER CONNECTIVITY.

Aspects of Business Continuity/Disaster Recovery Taken into Consideration when Planning Network Changes/Upgrades
Network availability: 85%
Network security: 74%
User connectivity: 64%
Ensuring continuous data access: 61%
Data protection: 59%
Data replication: 52%

Legacy infrastructure is the top challenge organizations face when improving BC/DR, cited by 42 percent of survey respondents. Operating multiple virtualized Layer 2 networks can help solve this problem. Applications can be connected between multiple virtual networks within a single data center or between physical data centers. The objective is to create location independence in the network so the application provides the same performance from any server within the data center and from any data center location. To achieve this, organizations must have universal SDN connectivity to be able to programmatically move the application anywhere for BC/DR purposes, and to deliver consistent behavior from the virtualized networks.


LEGACY INFRASTRUCTURE IS CITED AS THE TOP CHALLENGE IN IMPROVING BUSINESS CONTINUITY AND DISASTER RECOVERY.

Top Challenges to Improving Business Continuity/Disaster Recovery
Legacy infrastructure: 42%
Multiple failure points: 28%
Security gaps: 28%
Infrastructure built without clearly identifying application requirements: 27%
Inconsistent management and security policies: 26%
Infrastructure sprawl: 23%
Practicing manual backup and configuration: 22%
Traffic is not prioritized based on application relevance, causing performance issues: 19%

Universal SDN gateways provide the advanced and flexible physical and virtual network routing and bridging connections and translations required for inter-, intra- and cross-virtual network communications. A universal SDN gateway allows you to move compute resources between networks, either within physical data centers, between physical data centers, or between a physical data center and a cloud environment.

Virtual overlay networks are designed to imitate all aspects of the underlying physical network, subjecting the overlay network to performance, degradation and reliability issues when broadcast, unicast or multicast packets are flooded to all devices within a broadcast domain. Broadcast, unicast and multicast flooding is standard network behavior that physical network equipment is designed to handle. However, broadcast, unicast and multicast flooding places an exponential burden on the servers hosting the virtual network, which does not scale, potentially degrading the virtual network.

Hardware-based overlay replication available on universal SDN gateways offloads broadcast, unicast and multicast packets from the virtual network and allows purpose-built hardware-based devices to convert these packets into standard broadcast, unicast or multicast packets. These packets are then forwarded to their intended receivers to deliver performance, scale and reliability as well as consistent behavior from the virtualized network.


CHAPTER 5: PHYSICAL AND VIRTUAL SECURITY


Virtualization has changed the face of the data center. Today's data centers are a mix of physical servers and virtual workloads, and require a more pervasive range of security as a result. With nearly every organization implementing some degree of cloud computing, virtualization security is as integral a component as traditional firewalls are in today's networks. This is evidenced by the results of the Network World survey. At 59 percent, the majority of respondents report that network security is an upfront consideration when implementing new network technology.

Network security is important because it's the backbone of the larger security ecosystem. In the past, security measures were largely reactive. But IT organizations are becoming more proactive. They want to have a strategy in place as they implement initiatives around virtualization, cloud services, consolidation and modernization. And the strategy must be balanced with convenience and speed. Applications and Infrastructure-as-a-Service can be provisioned in minutes. Organizations need the ability to scale and flex the network and security to assure it serves the interest of the application. It is unacceptable for security to take a couple of months to catch up with the virtualized resources. Security should be constantly scaled and flexed in tandem with the physical network or SDN network or both.

A MAJORITY OF RESPONDENTS REPORT THAT NETWORK SECURITY IS AN UPFRONT CONSIDERATION WHEN IMPLEMENTING NEW NETWORK TECHNOLOGY.

Consideration of Network Security When Implementing New Network Technology
Upfront consideration (we usually update our security environment to keep pace with network changes as they happen): 59%
Mid implementation (we try to anticipate changes in security requirements as network changes occur, but this doesn't always work out): 28%
Post data center implementation (when network design changes are made, security is typically built in at a later stage): 7%

Performance is also a concern when evaluating network security solutions to support a virtualized environment. In fact, 80 percent of respondents to the Network World survey consider it highly important to be able to support new services and technologies without sacrificing performance. This tends to be a problem when perimeter security solutions are retrofitted for the virtual environment rather than purpose-built for VMs. It can be compared to putting a heavy coat of armor on a little machine that wants to move around. The armor weighs, and slows, the VM down.

Furthermore, because VMs are in a multitenant environment, it is important to secure them north to south with other physical perimeter security measures, but also east to west to protect them from other VMs that might be sitting on the same server. Security must double down, making sure no one is coming in from the outside or the VM sitting next door, but without slowing performance.


WHEN EVALUATING NETWORK SECURITY SOLUTIONS TO SUPPORT A VIRTUALIZED ENVIRONMENT, 80% CONSIDER IT HIGHLY IMPORTANT TO BE ABLE TO SUPPORT NEW SERVICES AND TECHNOLOGIES WITHOUT SACRIFICING PERFORMANCE.

Level of Importance When Evaluating Network Security Solutions to Support a Virtualized Environment
Rating scale: Critical, Very important, Somewhat important, Not very important, Not at all important
Items rated:
Support new services and technologies without sacrificing performance/end-user experience
Virtualized security policy is consistent and integrated with physical security policy
Detailed reporting/logging of access events and traffic to support SLAs and compliance requirements
Full visibility and access control over all traffic flowing through VMs

56% of respondents say securing web traffic is their biggest security concern. However, 61% of respondents say emerging network security technologies only address part of the cyber security threats facing their organization.
SOURCE: Ponemon Institute Research Report

Workloads must also be secured in a consistent manner, and the policies that apply to physical workloads must apply to virtual workloads regardless of where they reside. Organizations must be able to manage them with a consistent policy in mind so that zones defined for the physical network can also be articulated in the VM. If the policy says this workload is associated with financial information and the data moves to another cloud provider, the policy should travel with that workload and adhere to the zone policy established for the physical network. Managing policies once for both the physical and virtual environments reduces operational overhead. It also ensures there will be no mistakes that can leave the organization vulnerable to attack or falling out of compliance with regulatory requirements.

Organizations should also consider the firewall technology they deploy in the data center. Some providers insist that their next-generation firewall solution can help protect the virtualized data center. However, this technology has a specific use case in an office or campus environment. The application visibility and control capabilities are aimed at keeping people from inadvertently contracting a virus. These capabilities are not needed in the data center, nor are they effective at protecting the infrastructure. The majority of security professionals who responded to a 2013 Ponemon Institute report commissioned by Juniper Networks indicated that current next-generation firewalls and IP reputation feeds address only part of the cybersecurity threat, leaving significant exposure to the most concerning attacks. Applications and infrastructure reside in the data center, which is why it requires a high-performance, highly scalable firewall-based gateway.


CHAPTER 6: MANAGEMENT AND AUTOMATION


Just as organizations need a common approach to securing both physical and virtual environments, they also need a common approach to managing and automating networks. With the introduction of the virtual environment, multiple groups within an organization are responsible for different parts of the network. For example, the server administrators may own the virtual network while the network team maintains ownership over the physical network. When problems arise, it will be natural for one group to point to the other to avoid blame. This will make it difficult to identify the source of the problem and remediate it in a timely manner.

Thus, organizations require a single network management interface that provides visibility into both the virtual and physical networks. This centralized interface can help organizations identify where a packet is flowing and where an issue may lie, whether it's a physical network misconfiguration issue or an overloaded hypervisor in the virtual network dropping packets. The same requirement goes for automation as well. Organizations need a single interface to automate behavior across the entire network, whether physical or virtual.


CONCLUSION
In an effort to achieve the level of agility that business demands, many IT organizations have virtualized their data center resources. With applications, servers and storage virtualized, IT is able to react more quickly to business needs. However, these virtualization efforts go only so far before network complexity brings efficiencies to a halt. To achieve greater levels of agility, IT must address the network.

That means simplifying the infrastructure and operations with virtualization. Juniper Networks MetaFabric Architecture, a simple, open and smart approach to data center design, accelerates the deployment and delivery of applications within and across multiple virtualized data centers. It provides location-independent coordination and management of devices across multiple sites, maximizing data center resources and ROI to allow you to establish a solid physical network foundation and address the security and BC/DR requirements needed for network virtualization success.

FOR MORE INFORMATION, VISIT

www.juniper.net/datacenter