Major Nutanix Software Update Expands Hyper-converged Infrastructure With New SDN, Security Capabilities

Nutanix has unveiled some significant new software-defined networking (SDN), automation and orchestration capabilities to its hyper-converged infrastructure appliance line.

The new enhancements, announced Wednesday, include monitoring and managing external physical and virtual networks and micro-segmenting workloads for enhanced security and management. The update is part of a move by Nutanix to better manage modern and enterprise-class workloads, said Greg Smith, senior director of product and technical marketing for the San Jose, Calif.-based hyper-converged infrastructure vendor.

The expanded solution set was unveiled at Nutanix's .NEXT Europe conference in Vienna.

[Related: CRN Exclusive: Nutanix, SimpliVity, Pivot3 Are Tops In New Forrester Hyper-Converged Report]

Sponsored post

Smith told CRN there are three main areas where the Nutanix line of hyper-converged infrastructure appliances is being expanded.

"These three new enhancements fall under our new one-click networking solution," he said. "This is the first time for us to managing the networking. It is part of a longer-term strategy to run our technology across public and private clouds, on-premises and in heterogeneous environments."

The enhancements are in line with what Nutanix channel partners were expecting from the company, said Mike Strohl, CEO of Entisys360, a Concord, Calif.-based solution provider and Nutanix partner. "Nutanix is removing layers of complexity to increase the types of workloads that work on its solutions while adding a more secure environment," Strohl told CRN.

The first enhancement is that Nutanix is adding increased visibility and management across both physical and software-defined networks to which the appliances are connected.

As part of the enhancement, the Nutanix Prism software stack will provide a comprehensive application-centric visualization of the physical and virtual network topology, Smith said. This includes detailed views of how individual virtual machines connect to the physical and virtual network infrastructure, along with detailed networking health and performance data.

"Now we can begin to manage and change policies across the networking infrastructure," he said. "An application running on Nutanix needs APIs to communicate with devices on the network. Now the Nutanix appliances can connect to those devices without the need for manual reconfiguration. This allows the appliance to modify the software and firewalls to support the connections."

The second upgrade to the Nutanix stack new micro-segmentation technology which works with the Nutanix Acropolis hypervisor to statefully inspect, monitor and manage communication between individual workloads to increase the security of the various applications.

The typical data center environment requires a software overlay to monitor and control networking traffic, which increases the operational overhead and cost, Smith said.

"Nutanix is providing a simpler solution to provide security to virtual machines and containers with native networking," he said. "Micro-segmentation increases security by increasing visibility across the entire stack. Prior to this, we could get visibility to the compute, storage, and virtualization. Now we get visibility to the entire networking infrastructure, including physical top-of-rack switches, application delivery controllers, load balancers, and firewalls connected to Nutanix."

The third enhancement is the ability to provide single-click orchestration of networking and security services, Smith said.

New to Nutanix Acropolis are open APIs that allow automated policy updates to top-of-rack switches, application delivery controllers, and firewalls that work with such vendors as Arista, Brocade, Mellanox, Plexxi, Citrix, and F5 Networks to automate network provisioning and modify policies in real-time based on actual application and IT lifecycle changes, he said.

"Now if a customer provisions a new application in a virtual machine that requires security services on the load balancers, for instance, we can now insert the services, find the services, and use them," he said. "Or a new application can find the firewalls, inspect them, and allow them to move. And these services can be chained in the right order to make sure they are done properly."

Entisys360's Strohl said management and micro-segmentation of workloads is a key capability. "In the hyper-converged infrastructure world, if you throw in a cloud, you see a big risk in multi-tenant computing," he said. "This is something that all networking and security people are working on."

There are a lot of different ways to provide the capabilities that are soon-to-be-available through Nutanix, Strohl said. "But being able to create software-defined networking for specific workloads makes the whole concept of managing containers and points of access easier," he said. "There's a lot of opportunities there as hyper-converged infrastructure systems take over more and more workloads."

Nutanix's new APIs will be available shortly, while the Acropolis Microsegmentation Services will be available some time in 2017, Smith said. The enhancements are included as part of the Nutanix operating system, and so will require no additional charges, he said. "Nutanix's technology is 100-percent software-based, and so the changes are backwards-compatible with our existing solutions," he said.

The updates to the Nutanix stack will also be brought to solutions built on non-Nutanix hardware, including solutions sold by Dell on an OEM basis and solutions configured in the channel on Cisco UCS servers.