Most IT organizations are under pressure to respond to changing business requirements by becoming a lot more agile. The trouble is that most networks today are not flexible. To circumvent that issue IT organizations are now embracing network virtualization (NV) overlays to extend the capabilities of legacy networks.
Several use cases for NV overlays have emerged. Overlays can inject some much-needed agility into legacy networks. In addition, they can make the data center environment more secure and extensible.
There are eight primary use cases for NV overlays:
1. Achieve Scale: Most existing physical networks have a limited number of network connections they can support. A NV overlay extends the number of network connections to span an almost unlimited number of virtual machines and physical servers. Utilization rates of the underlying physical underlay expands considerably.
2. Manage Resource Allocation: Multiple applications running in the data center require access to different levels of compute, storage and networking resources. Virtual networks segregate virtual machines by applications. IT organizations can assign MAC and/or IP address space to each virtual network being accessed by a specific set of applications.
3. Consolidate Data Center: NV overlays play a critical role in enabling organizations to consolidate the number of physical servers employed. Reducing the number of physical servers also eliminates the need for ancillary load balancers and physical firewall appliances.
4. Move Virtual Machines: The ability to move application workloads is core to making any IT organization more agile. Moving virtual machines across a legacy physical network still requires manually reconfiguring routers and switches one device at a time. NV overlays make it simpler to move a virtual machine without having to reconfigure the physical networking underlay.
5. Connect Multiple Data Centers: NV overlays can span multiple data centers to create a virtual network. For example, financial departments that have personnel in multiple geographic locations can use NV overlays to stay connected.
6. Connect to SD-WANs: Many IT organization are investing heavily in SD-WAN to connect to data centers. It’s much simpler to connect a NV overlay to those SD-WAN networks than it is to a physical network.
7. Create a Demilitarized Network Zone: The demilitarized network overlay is also known as a perimeter network or a sub-network. It’s basically taking an NV overlay and using it to isolate the core enterprise network from the internet or other untrusted external networks. Access to the IT resources exposed to those external networks can be strictly controlled.
8. Apply Microsegmentation: NV overlays isolate IT resources and enable firewalls to be applied to prevent malware from spreading in an East-West fashion across a data center. This approach enables IT organizations to contain any security breach to only the applications running in a specific microsegment. And it makes it simpler to demonstrate compliance with a variety of regulatory mandates.
There are naturally multiple approaches to deploying an NV overlay. IT organizations can opt to deploy one on their own or take advantage of hyperconverged infrastructure (HCI) platforms where the NV overlay comes bundled with the platform, said David Tan, CTO of Chips Technology Group, a provider of IT services.“It’s a lot of easier when it is part of an appliance,” Tan said.
Of course, the degree to which organizations will favor using NV overlays versus upgrading their physical network often is decided by budget, says Quy Nguyen, CEO of Allyance Communications, a provider of IT services. “It really is a matter of culture.”