Nutanix networking management includes microsegmentation, APIs

Nutanix adds 'one-click networks' to its hyper-convergence as part of its plans to become an on-premises version of Amazon Web Services as a foundation for building private clouds.

Nutanix Inc. is adding network management to its hyper-converged appliances through microsegmentation and an expanded set of APIs.

Nutanix today said it will add the ability to orchestrate and automate network processes by January. The Nutanix network management comes through additions to its Acropolis data services and Prism management software. The additions will allow administrators to natively provision and manage networking devices for Nutanix hyper-convergence, tasks that now must be done manually or through third-party applications.

Since its launch in 2011, Nutanix has combined storage, compute and virtualization on its appliances. IT administrators can manage Nutanix systems without requiring distinct specialists for those disciplines. The new Nutanix networking features will allow admins to handle networking themselves, too.

Nutanix pitches its systems as a building block for private clouds to rival Amazon Web Services and other public clouds. Nutanix claims "one-click management" for processes such as upgrades, system planning and moving virtual machines (VMs).

The new features allow Prism to serve as a single point of control for infrastructure resources.

"This is the next step in our journey," said Greg Smith, senior director of product marketing at Nutanix, based in San Jose, Calif. "We've already moved beyond hyper-convergence to a turnkey system that is more of a cloudlike infrastructure. It's a major leap forward to provide one-click networks."

The Nutanix Prism orchestration engine will give customers a visual view of the network, including all VMs connected to the physical and virtual network topology. Application-specific policies inside Prism allow IT teams to manage and secure communications between VMs, container-based applications and microservices. Prism will also show VM performance metrics.

IDC storage software research director Eric Sheppard said network management helps Nutanix fulfill its goal of dismantling silos of management.

"You can't break down silos in the data center and leave such a large part of the data center untouched," Sheppard said. "Networking is one more place that Nutanix sees where you can drive efficiency and remove silos."

Sheppard said Nutanix became the hyper-converged market leader by getting into the market early and making moves that kept it a step or two ahead of competitors. The Nutanix networking features could help keep it ahead, even as larger vendors move into hyper-convergence.

"The turning point was when Nutanix added one-click management two years ago to make storage invisible and the hypervisor invisible," he said. "Now, it's bringing the network into its set of management tools."

Nutanix Acropolis Microsegmentation Services (AMS) will inspect, monitor and coordinate communication flows between workloads. AMS will protect individual applications, eliminating the need to use separate software-defined networking tools. Administrators can determine which applications can communicate with others, a feature that can prevent malicious attacks from spreading among apps.

Microsegmentation breaks the data center into elements, enabling IT security policies on a per-workload or per-application basis. It can then isolate data and deny access in case of a threat. Microsegmentation requires an understanding of the flow of traffic inside the data center.

Cisco, Palo Alto Networks and VMware already use microsegmentation to help virtualize networks.

Nutanix is also adding open APIs to Acropolis that allow customers to automate policy updates to top-of-rack switches, application delivery controllers and firewalls. As VMs are created or modified, admins can set and adapt policies for physical network devices. Smith said Prism's orchestration engine will make sure new and changed policies are supported by other devices on the network.

Nutanix said networking vendors Arista, Brocade, Mellanox and Plexxi will support the APIs, as will security vendors Citrix and F5 Networks.

Smith said the new Nutanix networking features will orchestrate tasks such as firewall configuration and intrusion detection for applications running on Nutanix hyper-converged appliances.

"We're providing policy-based orchestration that allows us to insert those services or bind them to an application," Smith said. "That means if I'm a data center manager and I have a brand-new business application, I want it inspected by a virtual firewall and go through a load balancer before incoming traffic hits. The orchestration built into Prism inserts those services and chains them in the right order."
