ako si “utkať ” vlastnú sieť ýchlo, efektívne a bezpečne · deliver secure identity-based...
TRANSCRIPT
©2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice
Ako si “utkať ” vlastnú sieť pomocou HP rýchlo, efektívne a bezpečne
Peter Dömény 14. 11. 2013
HP Konvergovaná Infraštruktúra Komplexné riešenie iba od HP
Management software
Servers
Power and cooling
Storage
HP Converged Infrastructure
FlexNetwork Architecture
HP Confidential
Architectural Leadership with FlexNetwork
Open Scalable Secure Agile Consistent
FlexFabric FlexCampus FlexBranch
FlexManagement FlexNetwork Architecture
FlexManagement Converges Network Management & Orchestration
3
FlexFabric FlexCampus FlexBranch Converges and secures
data center network, compute, and storage in the physical and virtual
worlds
Converges wired and wireless networks to
deliver secure identity-based access
Converges network functionality, security and
services for simplicity
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 4
Príklad nasadenia HP produktov
Data Center
Campus
IMC Single Pane-of-Glass Management
FlexFabric 5900
Switch
Access Core Routing
FlexFabric 11900 Switch
FlexFabric 12900 Switch
HSR 6800 Router
C-Class Servers
ProLiant Servers
vSwitch
FlexFabric 5900
vSwitch
IMC
IP phone Desktops
HP 2920 Switch
Tablet Laptop Access Point
HP10500 with Unified Wired-WLAN Module
Core
Branch HP 830 Unified
Switch
Access point PoE+ Desktops
PoE+
IP phone
Tablet
WAN
VAN
RA
M/C
M
VAN
SD
N
UA
M/E
AD
WSM
NTA
/UB
A
Mod
ule…
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 5
FlexFabric Flatter, higher-performance, low-latency two-tier networks
FlexManagement Converges Network
Management and Orchestration
FlexFabric Converges and secures
data center network, compute, and storage in the physical and virtual
worlds
FlexBranch Converges network
functionality, security and services for simplicity
Open Scalable Secure Agile Consistent
FlexNetwork Architecture
FlexManagement
FlexFabric FlexCampus FlexBranch
FlexNetwork Architecture
FlexCampus Converges wired and wireless networks to
delivery secure identity-based access
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 6
HP FlexFabric Portfolio
IMC Service Orchestration
Access
11900 12500
Core
TP Core Controller, vController - S5100N IPS, Security Subscription Services
BladeSystems Virtual Connect
61xx Blade Switch 58X0, 59X0
HSR6800 / 8800
WAN Aggregation
Management Security
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 7
FlexCampus Flatter, high-performance, low-latency two-tier networks
FlexManagement Converges Network
Management and Orchestration
FlexFabric Converges and secures
data center network, compute, and storage in the physical and virtual
worlds
FlexBranch Converges network
functionality, security and services for simplicity
Open Scalable Secure Agile Consistent
FlexNetwork Architecture
FlexManagement
FlexFabric FlexCampus FlexBranch
FlexNetwork Architecture
FlexCampus Converges wired and wireless networks to
delivery secure identity-based access
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 8
HP FlexCampus Portfolio
Core Switching HP 10500
Switch Series HP 8200 zl
Switch Series
Access Switching HP 7500
Switch Series HP 5400 zl
Switch Series HP 3800/3500 Switch Series
HP 5500/5120 Switch Series
HP 2920 Switch Series
Wireless HP MSM760 Controllers
HP MSM720 Controllers
HP MSM765zl Mobility Controller
HP MSM430/46x Access Points
Network Management HP Intelligent Management Center
HP 6600 / HSR6600 Router Series
HP 830 PoE+ Unified Wired-WLAN Switch Series
HP 10500/7500 20G Unified Wired-WLAN
Module
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 9
FlexBranch Integrated Branch networking, unified management & best-in-class application delivery
FlexManagement Converges Network
Management and Orchestration
FlexFabric Converges and secures
data center network, compute, and storage in the physical and virtual
worlds
FlexBranch Converges network
functionality, security and services for simplicity
Open Scalable Secure Agile Consistent
FlexNetwork Architecture
FlexManagement
FlexFabric FlexCampus FlexBranch
FlexNetwork Architecture
FlexCampus Converges wired and wireless networks to
delivery secure identity-based access
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 10
HP FlexBranch Product Portfolio
Switches
MSM46x
5400 5500 EI/5500 HI 2920 2530
Routers MSR50 MSR30 MSR20 MSR900
Security IPS RF Manager MSR Firewall
Applications
5120 EI
HP Services zl Module
Network Management HP Intelligent Management Center
Wireless
HP MSR OAP VMware Modules
MSR93x
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 11
Fault
Alarms Syslog & Trap
Mgr
Configuration
Intelligent Configuration
Center Compliance Center
VLAN & ACL
Manager
Accounting
Network Assets
Performance
Performance Mgmt
Virtual Network
Mgmt
Security
Security Control Center
FCAPS Model
IMC Platform Features
Add-On Modules
Jednotná platforma vystavaná na modulárnej, službovo orientovanej architektúre
IMC – Inteligentné Menežovacie Centrum
Remote Site
Manager
Virtual App
Ntwks Manager
Service Health
Manager
App Perform. Manager
Intelligent Analysis Reporter
User Behavio
r Analyze
r
Service Oper Mgmt
Network Traffic
Analyzer
User Access Manage
r
Endpoint Admission Defense
BIMS
TACACS+
Authent Manager
IPSec VPN Mgr
MPLS VPN Mgr
Wireless
Services Mgr
QoS Mgr
Voice Services Manager
vMon
VYBRANÉ ZAUJÍMAVOSTI
13
- IRF delivers design simplicity and protocol consistency at each layer/platform
- Common platform OS and NMS further simplify configuration and support
- Active/Active 10 GbE stack and server links delivers scalable performance and highest levels of network resiliency
Intelligent Resilient Framework
Access
Core/Distribution vPC ?
VSS ?
Stackwise ?
VRRP ?
PVST/RSTP ?
STP/MSTP ?
- Legacy vendors offers a patchwork HA and platform virtualization options
- Technology/protocols vary based on network layer, switch type and I/O module type
- Configuration intensive design yields complexity and uncertain reliability
Legacy Vendor Design HP IRF Design
IRF
§ Any link failure will cause topology change ü Link failure will not cause topology change
HP FlexFabric Data Center Design
FlexFabric Virtualization Optimized Design
Rack servers Blade servers
Legacy Architecture
High-performance 4-chassis virtualized core
Rack servers
Blade servers
IRF
IRF Virtual
Connect
80% performance increase in vMotion 500x faster recovery time 2x network performance
6500
6500/4500
3750/4900
7000 6500
5000 2000
HP 6125G and HP 6125G/XG
• Same cables, optics and modulesUpdated ASIC
• More memory, more resilient than previous blade switchesomain
• Multiple switches in single domain - across enclosure, rack or DC
• Distributed trunking and failover across group members
• Redundancy across the enclosure midplane • Single virtual switch with one IP address
• Single interface for all HP Networking switches.
Network Security • FIPS 140-2 • IPSec • IKE
New
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 16
WiFi - Flexible forwarding options
Centralized forwarding • All traffic is send through module for processing
Local forwarding mode (distributed) • The module authenticates wireless clients and
APs and the APs forwards data traffic • Alleviates the workload of the AC and reduces
latency without compromising security and management
• For enterprises with branch offices, modules at headquarters are configured in distributed mode
• Authenticated client have local access in case connectivity to controller is lost
Access Points
Controller
Access Switch
Corporate Network
Access Points
Controller
Access Switch
Corporate Network
Centralized Local forwarding
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 17
FlexBranch – Virtualized zl service modules Decreasing branch application time to service
• Simplifies branch, creates flexibility & agility • Hosts market leading hypervisors in a
switch
• Supports all virtualized network services
HP 5400zl switches 43% reduction in space
21% reduction in cost
57% lower power consumption
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 18
AllianceONE solutions Partner Tier Applications
• Microsoft Lync Survivable Branch Module* • IP Phones Optimized for Microsoft Lync
• Aastra MX-ONE
• HP Networking Certified: Rich Media Communications RMC
• Multiple DevConnect certification for routing gateways, networking and security (SBC) with Aura, IP Office and Avaya IP end point devices*
• Citrix NetScaler VPX • Xen Server
• vSphere
• F5 BigIP Appliance
• Riverbed SteelHead RiOS Application*
• AeroScout RTLS Solutions
• AirTight SpectraGuard Enterprise
• Ekahau Real Time Location System (RTLS)
• .vtFW|zl1: vantronix FireWall • .vtRT|zl1: vantronix BGP Edge Routing
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 19
- Vulnerability Awareness - Vulnerability Scanning - Source Code Analysis - Software Security Assurance
Hybrid Cloud PaaS
SaaS
APP
IaaS
Division A
Finance
Division B Division A
Private Cloud
Public Cloud
- Proactive Defense - Flexible Security-Zone Segmentation - Well-Known- and
Zero-Day-Exploit Protection - Adaptive Network Defense
- Visibility - Security-Information and Event
Management System - Event Correlation - Context-Visibility
Collect Consolidate
Correlate HP Security Intelligence Platform
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 20
TippingPoint Next Gen Firewall (NGFW) Series
• Simple to configure and install with centralized management
• Effective security based on industry leading security intelligence with weekly DVLabs updates
• Reliable with (seven 9s) network uptime track record
• Inline deployment without affecting network performance
Provides visibility and control across application, device and data threat vectors
Over 2,650 security researchers
99.99999% network uptime track
record
7,400 filters of network protection
TippingPoint NGFW S1050F
TippingPoint NGFW S3010F/S3020F
TippingPoint NGFW S8010F/S8005F
Over 2,650 security researchers
ĎAKUJEM ZA POZORNOSŤ
Leadership from edge to the data center core
HP Networking
FlexManagement • Network Node Manager • Operations Automation and Orchestration • Operations Center
• Intelligent Management Center Services
FlexFabric CORE ROUTING AGGREGATION EDGE/SERVER ACCESS SECURITY
FlexBranch SWITCHING WIRELESS SECURITY ROUTING
FlexCampus CORE ROUTING AGGREGATION EDGE SECURITY WIRELESS
HP Confidential 22
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Ako to vyzerá?
HP 5920AF-24XG
5900AF-48XG-4QSFP
11908 12910, 12916
5930AF
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 24
MSM466
HP MSM760 Controllers
HP MSM720 Controllers
HP MSM765zl Mobility Controller
HP MSM430/46x Access Points
HP 830 PoE+ Unified Wired-WLAN Switch Series
HP 10500/7500 20G Unified Wired-WLAN Module