NetApp Inc., Cisco Systems Inc. and VMware Inc. are continuing the trend of vendor alliances to build end-to-end stacks in support of server virtualization and cloud storage applications. The three vendors today released a reference architecture for secure multitenancy in VMware-based virtual server environments.
The partners say they have developed, tested and validated the architecture, and have made detailed design guides available for channel partners who will take the lead in selling the stack to customers.
The design guide includes a bill of materials for creating a multitenancy environment that includes VMware's vSphere and VMware vShield Zones; Cisco's Nexus 7000, 5000 and 1000V Series Switches; Cisco's Unified Computing System (UCS); and NetApp FAS storage with MultiStore.
Cisco and VMware teamed up with VMware's parent company and NetApp storage rival EMC Corp. last November to launch their own stack from what that triumvirate calls its Virtual Computing Environment (VCE) coalition.
Ed Bugnion, Cisco's chief technology officer (CTO), said the VCE alliance is focused on server virtualization in enterprise data centers with an emphasis on scalability, while this new partnership with NetApp is specifically focused on supporting secure multitenancy in shared environments. "Our business strategy is to view our storage partners as part of an overall ecosystem," he said of Cisco's attempt to balance alliances between competing storage vendors. "This is a statement of customer choice."
Each piece of the NetApp/Cisco/VMware architecture is focused on segmenting the network, physical server and physical storage resources to give each virtual server its own segmented "slice" of the resource pool. According to the design guide document, vShield Zones provide "a centrally managed, stateful, distributed virtual firewall bundled with vSphere 4.0." The Nexus switches can be used to provide iSCSI-based Ethernet access to storage using NFS, as well as a boot-from-SAN storage architecture for virtual servers over Fibre Channel over Ethernet (FCoE), according to the document.
Cisco's UCS provides quality of service for virtual hosts on the network, dictating which hosts get precedence in network queues to match service-level agreement (SLA) policies in the data center. Cisco's virtual local-area networks (VLANs) are also a part of the package. At the bottom of the stack lies NetApp's FAS storage with MultiStore software for creating virtual filers within the same physical disk array.
Preconfigured end-to-end infrastructure vendor stacks have come under fire for their potential to cause vendor lock-in, but one channel partner offering both the VCE stack and this secure multitenancy infrastructure to customers said the vendor partnerships align with how his clients want to buy.
"Long View Systems, up until about four or five months ago, had storage, server and virtualization practices, and our approach to customers was siloed," said D. Kent MacDonald, vice president of infrastructure services at the Calgary, Alberta-based systems integrator and reseller. "We collapsed them into one practice in October, and we're seeing the vendor community align with that."
Mark Bowker, a senior analyst at Milford, Mass.-based Enterprise Strategy Group (ESG), said he sees the secure multitenancy architecture appealing to cloud storage service providers rather than the large enterprises that VCE targets. "For enterprise organizations with hundreds of VMs [virtual machines], this is something they will run into," Bowker said. "But it's easier for them to just start a new resource pool – service provider environments are more complex and the risk is bigger [with multitenancy]."
Most of the partners' public customer references for this announcement are cloud storage service providers, though the vendors also claim enterprises such as Tucson Electric Power Company as joint customers for this infrastructure stack.
"The game changer for us is virtual port channeling to integrate Cisco [switches] with NetApp [disk arrays]," said Jared Wray, founder and CEO for platform-as-a-service (PaaS) provider Tier 3. "It means every virtual host has two 10 Gigabit Ethernet ports and can failover. Before that we were using Gigabit Ethernet trunks, which meant a huge cabling problem."
More riders on the infrastructure stack bandwagon
ESG's Bowker said he sees the NetApp/Cisco/VMware reference architecture potentially offering more flexibility around the choice of server vendor than VCE, which will ship pre-integrated in one package to customers.
While there may still be some trepidation around vendor lock-in in the market, Bowker said that this kind of vendor collaboration will be necessary for getting to the next level of the virtual data center vision. According to ESG's spending intentions survey for 2010, expanding virtualization deployments is the top priority for enterprise data center managers, with 33% of respondents placing it as their top priority.
"VMware has a lot of customers stalled at around 25% to 30% virtualized," Bowker said. "They need to help establish even the next five percent with customers."
Wikibon.org analyst David Vellante said he sees the NetApp/Cisco/VMware stack as potentially more practical for near-term deployments than VCE's more ambitious approach. "VCE really doesn't have a fully baked backup architecture that we've seen in detail," he wrote to SearchStorage.com in an email. "Security is not where it needs to be and the vStorage APIs for array integration are in the prenatal stages of development. So it will be a year or so before we really see the customer impact of VCE."
In the meantime, Vellante said, "[The] bottom line for me is that NetApp/Cisco/VMware is definitely not as tightly integrated as VCE – but it's close enough to keep NetApp in the game until VCE demonstrates enough value for customers to switch from existing alliances."
Tier 3's Wray said he'd like to see NetApp, VMware and Cisco copy one part of the vBlock architecture used by VCE. That's unified management software (EMC has a special version of its Ionix management suite for vBlocks). "If we could control [the infrastructure] in one place instead of talking to all three of them, that would be amazing," he said.