Technical Overview

Cisco Validated Design: Secure Multi-Tenancy Architecture

Agenda
Introduction Architecture, Four Pillars, Components, and Documentation
Availability Secure Separation

Service Assurance
Management

Silos to Secure Multi-tenancy Architecture

Traditional Data Centers
HR Apps BU Apps Core Apps VMware VMware VMware

Secure Multi-tenancy Architecture

H R

B U

AP P

HR

BU

APP

Secure Multi-tenancy Four Pillars

Availability

Secure Separation

Service s Assurance

Management

Build resilient architecture High Availability Fault Tolerance Redundancy

Enable separation across tenants Increase security and access control

Deliver consistent SLA across Compute Network Storage

Simplify management End-to-end manageability

Secure Multi-tenancy Architecture

Secure Multi-tenancy Components

Comput e
VMware vShield VMware vCenter Cisco Nexus 1000V
VMware vSphere VMware vSphere

Compute
VMware vShield Manager

VMware vShield VMware vSphere Cisco Unified Computing System

VMware vSphere Cisco UCS 5100 Blade Server Cisco UCS 6100 Fabric Interconnect

NetApp SnapManager

Network
Cisco UCS Manager NetApp SANscreen

Cisco Nexus 1000V Cisco Nexus 5000 Cisco Nexus 7000 Cisco MDS

Network
Cisco Nexus 5000

Storage
NetApp FAS NetApp Multistore

Cisco Nexus 7000

Cisco Data Center Network Manager

SAN
Cisco MDS

Management
VMware vShield Manager VMware vCenter Cisco UCS Manager Cisco DC Network Manager NetApp Operations Manager NetApp Provisioning Manager NetApp SANscreen & SnapManager

Storage

NetApp MultiStore NetApp FAS

NetApp FilerView NetApp Provisioning Manager NetApp Protection Manager NetApp Operations Manager

Documentation Usage Guideline

Solution Brief (4 pages) Architecture Overview (25 pages) CVD: Design Guide (90 pages) Design Considerations Best Practice Bill of Material CVD: Deployment Guide (100+ pages) Configuration Software Recommendation

Designing Secure Multi-tenancy into

Virtualized Data Center Design Guide

Cisco Validated Design (CVD)

Resilient End-to-End Architecture

Core/ Aggregation

Compute
Cisco Nexus 7000

Access
vPC

Cisco Nexus 5000

vCenter Heartbeat VMware HA vMotion/Storage vMotion UCS Fabric Redundancy

Compute

vPC

vPC

Nexus 1000V

Cisco UCS 6100 Fabric Interconnect

Network
vPC EtherChannel N1KV Active/Standby VSM Link/Device Redundancy

VMware vCenter VMware vSphere

4x10GE 4x10GE

4x10GE 4x10GE

UCS 5100 Blade Server

SAN/Storag e
FC Ether Channel FC FC FC

Cisco MDS
Ether Channel

Storage
RAID-DP NetApp HA Snapshot SnapMirror/SnapVault

NetApp FAS
10GE 10GE

End-to-End Management
Server Layer
vCenter Server vShield Manager Unified Computing System (UCS) Manager SANscreen

Network Layer
Data Center Network Manager Flexible NetFlow Fabric Manager SANscreen

Storage Layer
Operations Manager Provisioning and Protection Manager SANscreen
Service Insight Service Assurance Application Insight Capacity Manager VM Insight

Q&A