Virtual Application Networks Overview

---

Frequently asked questions

Virtual Application Networks Overview

Frequently asked questions | Virtual Application Networks Overview

Table of contents 3 General 5 Virtual Application Networks SDN Controller 6 Sentinel Security Application 7 HP Virtual Cloud Networks Application 8 Virtual Application Networks Manager 9 IMC VAN Manager and F5 9 Virtual Application Networks and other HP solutions 10 Technologies 12 Additional Resources

Frequently asked questions | Virtual Application Networks Overview

General

Figure 1. Software-defined network architecture

Q: What new products and solutions are being announced at 2012 Interop New York in support of Virtual Application Networks?

SDN architecture

A: HP announced the extension of its Virtual Application Networks (VAN) strategy to advance software-defined network (SDN) leadership. Virtual Application Networks provide a single point of control for the entire network. HP also announced its intent to release HP Virtual Application Networks SDN controller, HP developed and customer developed SDN applications that runs on the controller, allowing enterprises and cloud providers to take advantage of the agility and scalability provided by programmable networks.

Application layer

Virtual cloud network

Application layer Business applications (e.g., OpenStack, CloudStack)

Cloud orchestration

Control layer

SDN applications

Programmable open APIs

SDN controller

Control and data plane programmable interface (e.g., OpenFlow)

Infrastructure layer

Sentinel security

Open APIs

Control layer

HP Virtual Application Networks SDN Controller

Infrastructure layer

OpenFlow enabled on 9 additional switches

Q: What are HP Virtual Application Networks? A: HP Virtual Application Networks enable customers to focus more on connecting users to applications and less on managing complex infrastructure by transforming a rigid physical enterprise network into a fully programmable, multi-tenant and application-aware virtual network. Virtual Application Networks accelerate the provisioning of cloud applications by abstracting the network end-to-end, allowing customers to logically provision physical resources into virtual networks aligned to the delivery requirements for each application or class of applications (e.g., video, real-time transaction processing, telephony) and ensure consistent provisioning of resources to meet the service level expected by users.

Network device

Network device

Network device

Q: What is HP’s SDN strategy? A: Virtual Application Networks represent HP’s software-defined network vision. By leveraging SDN-enabled infrastructure, control plane, applications and integrated management systems HP is creating an open ecosystem to drive new innovation in networking. HP is providing open interfaces for third-party integration as well as end-to-end solutions with HP OpenFlow enabled infrastructure, HP Virtual Application Networks SDN controller, and HP applications. Figure 2. HP software-defined networking vision and strategy

Q: What is SDN A: SDN is an emerging network architecture where network control is decoupled from forwarding and is directly programmable. This migration of control, formerly tightly bound in individual network devices, into accessible computing devices enables the underlying infrastructure to be abstracted for applications and network services, which can treat the network as a logical or virtual entity. HP is delivering SDNs by introducing solutions across all three layers of the SDN stack as defined by the Open Networking Foundation (ONF), a standards body driving open SDN technologies including OpenFlow.

3

Frequently asked questions | Virtual Application Networks Overview

Q: What problems do HP Virtual Application Networks solve for customers?

provisioning to accelerate application delivery. This solution is now available.

A: Legacy networks are rigid and difficult to program, not allowing for the rapid and dynamic provisioning of network applications and services for the data center and cloud. Specifically it solves the issues of:

In May 2012, HP announced the extended support of the Virtual Application Networks Manager to include F5 integration with IMC, where IMC will provide single-pane-of-glass policy-based orchestration.

• Complexity in rolling out new services • Glass ceiling with deployment of workloads • Vendor locked-in solutions that limit virtualization expansion because of costs Q: How do Virtual Application Networks compare to CLI and script-based approaches? A: The intent of Virtual Application Networks is to provide a single point of control and eliminate device-by-device coding for every network profile, making configuration error prone, complex and operationally expensive for cloud-based environments. Competitive command-line interface (CLI) and script approaches do not directly integrate with the hardware at the physical level. Q: How is HP’s Virtual Application Networks approach differentiated in the marketplace? A: Unlike other networking-centric market solutions, HP Virtual Application Networks are focused on bringing networking into greater alignment with end-to-end IT operations and for delivering seamless network services to the greater cloud ecosystem. Other key differentiators are that Virtual Application Networks: • Provide an open standards-based approach • Extend cloud applications from the data center to branch and campus • Utilize a single management platform integrating both the physical and virtual networks from end-to-end • Provide a consistent and common set of tools and architectural constructs end–to-end, that deliver visibility, planning and troubleshooting capabilities (the Achilles heel of most virtualized solutions) • Can be programmed through RESTful APIs • Centralized policy management and control that allows the administrator to specify unique traffic management attributes for one or more applications

In August 2012, HP announced Ethernet Virtual Interconnect to connect geographically dispersed data centers over IP infrastructure and multi-tenant device context to virtualize switching from up to four logical switches. Q: What are the challenges that overlay only point products such as Big Switch or Nicira offering does not address? A: As companies move to cloud and other computing environments, manual configuration of legacy networks through CLI coding has proven to be error prone, as well as time and resource intensive. SDN overlay-point products offer a centralized control plane, but do not automate infrastructure configuration to prime the network to be able to run the overlay and assumes the manual device-by-device configuration. These overlay only approaches focus on data center applications only and does not provide SDN applications for campus and branch networks. This incomplete approach creates complexity and unnecessary manual coding requirements. Q: What are the key differentiators of HP SDN Solution? A: HP is the only tier-1 networking vendor to offer a complete hardware and software SDN solution. HP Virtual Application Networks delivers: • Single-pane-of glass management for automation of infrastructure • Open programmable access to infrastructure with OpenFlow • Virtual Application Networks SDN Controller for centralized control plane • SDN applications for data center, campus, and branch • Offers open APIs for customers and third-parties to build applications and allows for business applications to interface directly with the controller for network-aware applications

• The architecture inherently includes security such as access control, trusted infrastructure, and specialized traffic management features for specifying how traffic should be handled from a security point of view Q: What products and solutions has HP announced in support of Virtual Application Networks? A: In Feb of 2012, HP announced support for OpenFlow on 16 switch models, representing over 10 million installed ports. In April of 2012, Virtual Application Networks Manager solution for data center that enables virtual machine-based, server edge

4

Cisco Virtual Cloud Network

Sentinel Security Load Balancing

Application Layer

Third-party applications enabled by open APIs Campus and Branch SDN applications Data center SDN applications Separate control and data plane

Control Layer

Open programmable access to infrastructure Single-pane-of-glass and configuration automation

Infrastructure Layer

Hardware performance

Overlay Only

HP

Frequently asked questions | Virtual Application Networks Overview

Q: What is the HP Virtual Application Networks SDN Controller? A: The HP Virtual Application Networks SDN controller is an integral part of HP’s Virtual Application Networks offering. The controller acts as the central building block for an abstracted control plane in the SDN architecture. Solutions, such as various networking applications for all types of network environments and customers, can be implemented with the controller including service provider and enterprise, as well as data center, campus, and branch focused applications. Q: What are the key features for SDN Controller? A: The Virtual Application Networks Controller offers a centralized control plane for network infrastructure without compromising on the inherent merits of today’s classic distributed control planes; i.e. scalability and resilience are preserved even in the centralized SDN architecture. HP’s unique ability as a networking vendor with its own controller platform allows industry-leading innovations in our hardware portfolio to work in concert with the HPN SDN controller. SDN innovations leverage hardware and switch OS features, they do not minimize or ignore them as is the case with pure software controllers. Some of the key features of the controller include • Full support for the OpenFlow protocol • Open APIs to enable third party SDN application development • Extensible, scalable, resilient controller architecture • Available HP SDN applications and OpenFlow-enabled infrastructure for an end-to-end solution Q: When will the SDN controller be available and what will be the cost? A: Currently, the target release date is calendar Q4 2013. The controller is currently in beta with several customers. The pricing and/or licensing model is not yet available. Q: What are the key differentiators? A: HP is the only tier-1 networking vendor to offer a complete hardware and software SDN solution. The HP Virtual Application Networks SDN Controller offers open APIs for customers and third parties to build applications and allows for business applications to interface directly with the controller for network-aware applications. Q: What open-standards does the controller leverage? A: OpenFlow 1.0 is currently implemented in beta, with support for OpenFlow 1.3 targeted for the public release.

Q: Can the controller work with third-party equipment? A: Yes, any third-party infrastructure supporting the corresponding version of the OpenFlow standard is supported. Q: How will the controller be made available? A: The controller will be offered as a managed appliance or as a virtual appliance image. Q: How is the controller managed? A: The controller will be managed using standards based practices and protocols for management of networking devices and applications. Q: Are there any partners developing their own applications that are built on the HP Virtual Application Networks Controller? A: Yes, with the HP Virtual Application Networks SDN Controller, HP not only can deliver end-to-end software-defined networking solutions but also an open ecosystem for custom applications. CERN, the European Organization for Nuclear Research, a long-time valued HP Networking R&D partner is co-developing with HP, in the CERN openlab framework, an application to provide traffic classification, resource scaling, and load balancing. The joint project is called VISION for “Virtual Services In OpenFlow Networks.” VISION’s goal is to implement traffic orchestration using SDN and to produce a state-of-the-art product to be deployed at CERN and elsewhere: • CERN’s main interest is in network scalability and resource optimization. • Redundancy, over-provisioning, fail-over, reliability, and scalability are big topics for them. This three-year project started in February 2012. The development is done at CERN, in the CERN openlab framework, by a team coordinated by both CERN and HP Networking. The project benefits from early access to HP Networking SDN APIs and controller. Below is a diagram of their use case: Figure 3. CERN use case Traffic Classification and Load Balancing

Network Resource Scaling (Firewall/IPS) Distributed Load Balancing Application

Application layer SDN architecture

Virtual Application Networks SDN Controller

Control layer

• Adaptive Load Sharing • Shared Intelligence with Resource Classification Virtual Application Networks SDN controller

HP OpenFlow Switches

Infrastructure layer Servers

Extends scalability beyond traditional limits

Efficient Multipathing

FW/IPS

Remove traffic bottlenecks

Improved resource utilization

Network Routers

Standards-based using OpenFlow

5

Frequently asked questions | Virtual Application Networks Overview

Sentinel Security Application Q: What is the HP Sentinel Security Application? A: HP Sentinel Security is a software-defined network application that enables automated, real-time network security in enterprise and cloud networks. Built on the HP Virtual Application Networks SDN controller, the application uses the HP controller and OpenFlow protocol to communicate to the infrastructure layer. Sentinel has the capability of turning any OpenFlow-enabled infrastructure device into an enforcement device. Q: What is the problem it is solving? A: The HP Sentinel Security Application enhances network security by enabling network infrastructure devices with security intelligence. It uses SDN/OpenFlow to pick specific traffic streams that are of interest and compare them to the RepDV database. Thereby protecting the network from malicious sites by blocking endpoints from accessing them. Some of the key features of the solution include: • Runs on HP Virtual Application Networks SDN Controller • Complimentary to TippingPoint IPS solutions • Consumes real-time reputation security intelligence from HP TippingPoint DVLabs cloud service • Protects from over 700,000+ botnet, malware, and spyware malicious sites • Native integration for improved visibility and accuracy with ArcSight solutions • OpenFlow enabled switches gain ability to detect applications, malware, botnets

advanced capabilities. TippingPoint will continue to play an important role in being part of a complete end-to-end security solution. Note Sentinel will be sold in the HP Networking sales channels by network sales specialists. Customer engagement and the final point of sale are expected to take place along with a network infrastructure sale. The Sentinel application does not eliminate enterprise customers’ need for a deep packet inspection system such as the HP TippingPoint IPS appliance. Q: What does this mean for ArcSight customers? A: Sentinel gives ArcSight unprecedented visibility into a vast array of security enabled network infrastructure. This security new content can be added to ArcSight other security content feeds in order to provide a more accurate view and actionable response to security threats. Sentinel can generate CEF-formatted events natively meaning that ArcSight will be able to consume Sentinel events without connectors or any other glue logic. Q: Does this replace RepDV on our TippingPoint appliances? A: No it does not. The value of RepDV within the TippingPoint solution continues to be important to the overall solution. Sentinel is really another platform that is capable of consuming security intelligence from the HP TippingPoint RepDV cloud service. Sentinel allows HP to expand the market reach for products such as HP TippingPoint RepDV, by offering innovative solutions targeted at specific customer roles and use cases, and sold through differentiated route to market. Q. Does Sentinel do enforcement based on the security intelligence it receives from the TippingPoint RepDV cloud service?

A: HP Sentinel Security is targeted initially for campus and branch customers looking for threat protection for their network edge. The technology can be ultimately used in a variety of environments including data center and cloud computing.

A: Yes. HP Sentinel Security will do enforcement but it is not actually drop packets or toggle a switch port. Rather than drop packets, Sentinel Security application proxies the reply on behalf of the DNS server and replies with “No Such Domain” back to the client. With this method, the client does not keep retrying the domain if the Sentinel Application were to just drop the packet. Notifications are sent to ArcSight and/or Syslogs. In the future, notifications could also be forwarded to network management applications such as HP Intelligent Management Center (IMC) which could trigger a policy to take direct action on a switch port configuration.

Q: How is Sentinel going to be delivered to the customer?

Q: When will it be available and what is the pricing?

A: Sentinel has three primary components: 1) UI which will have IMC integration. 2) Sentinel engine/DB and controller features which can be packaged as a vAppliance and deployed on an appropriately sized x86 platform. 3) RepDV cloud subscription service.

A: The application is currently in beta with several customers. It is planned for general release in Q4 2013. Pricing is not yet available.

• Ability to create a whitelist and blacklist • Dynamic switch learning with HPN OF enabled switches distributes detection into the switch infrastructure Q: Who is the target customer for Sentinel Security Application?

Q: What does this mean for TippingPoint appliances? A: TippingPoint IPS appliances continue to play an important role and are complimentary to Sentinel. HP TippingPoint offers more

6

Frequently asked questions | Virtual Application Networks Overview

Q: Are there any customers using HP Sentinel Security? A: Yes, several customers are in beta including a HBO. HBO is using Sentinel to deploy access layer security in their environment. Customers are deploying Sentinel security across their campus network to protect their network from over 700 thousand malicious malware, spyware, and botnet threats. Sentinel works by redirecting DNS queries from user machines to the Sentinel application running on the HP Virtual Application Networks SDN controller. Take for example a corporate user who was to click a link in an email: • First, the users DNS query would be sent to the local OpenFlow-enabled HP access switch • Second, the switch would forward the traffic to the HP Virtual Application Networks SDN controller via an OpenFlow rule implemented by the Sentinel application targeting DNS queries • Once the SDN controller receives the query, the Sentinel application jumps into action by checking the hostname against the HP TippingPoint DVLabs RepDV database of known threats. The DVLabs database ranks each domain name with a reputation score and the IT administrator has the ability to set the threshold at which queries should be allowed to resolve. • Finally, if Sentinel determines that the site is legitimate, the query is forwarded normally across the access layer switch, however if Sentinel detects a threat, an unresolvable response is sent back to the client, the action is logged with HP ArcSight, and the user is prevented from accessing the threat. Below is a diagram of their deployment model:

SDN architecture

Application layer

Data center security Sentinel

Q: What is HP Virtual Cloud Network Application? A: HP Virtual Cloud Network is a software-defined network application which enables public cloud service providers’ to provide tenant facing Network as a Service features to complement their existing compute and storage offerings. It does this by eliminating traditional scalability limits while automating network configuration. The application is built on the HP Virtual Application Network SDN Controller. Q: What is the problem it is solving? A: The HP Virtual Cloud Network application addresses three main issues with public cloud provider environments: • Scalable Automation—reduces the number of points in the network which must be automated each time a new provisioning request comes in • Low Risk Automation—limit the points of the network which are automated to low risk areas • Scalable Multi-tenancy—come up with a straightforward way to scale beyond traditional network hardware limits Q: Who are the target customers? A: HP Virtual Cloud Network is targeted at public cloud service providers, SaaS providers, and other customers looking for scalable, simplified and automated, cloud environments. Q: Does the application integrate with OpenStack? A: Yes, we will be releasing an OpenStack Quantum plug-in as part of the general release.

Figure 4. Sentinel use case Campus and branch security

HP Virtual Cloud Networks Application

Cloud security

• Real-time cloud database feed • Protection from over 700,000 threats

DVLabs RepDV DB

Q: When will it be available and what is the pricing? A: It is planned for beta in Q3 2013. Pricing and official release date is not yet available.

Virtual Application Networks SDN controller

Control layer

Infrastructure layer

Scales to thousands of endpoints

Eliminates need for dedicated appliances

Automates threat protection for BYOD

Uses standards-based OpenFlow

7

Frequently asked questions | Virtual Application Networks Overview

Q: Are there any customers using HP Virtual Cloud Network application?

Virtual Application Networks Manager

A: The application is currently in alpha with HP Cloud Services as a customer. HP’s Virtual Cloud Network application enables public cloud providers and enterprises to overcome the challenges facing them today.

Q: What is functionality does IMC VAN Manager provide?

Public cloud providers require massive scale in order to meet the price points which allow them to compete in their marketplace. Yet existing network automation and virtualization solutions have difficulty scaling to the levels a public cloud provider requires. HP’s Virtual Cloud Network solution enables the public cloud provider to scale and reduces their risk. First, HP’s VCN overlay allows the provider to scale beyond the constraints of current solutions. Second, HP’s solution focuses network changes at the edge, reducing the risk of each change and making automation at scale a reality. Enterprises are challenged to interconnect their private environments with their public cloud presences and do so without compromising the integrity of their existing networks. HP’s VCN enables the enterprise to securely connect to the cloud and apply their own “identity” to their cloud environment. The Virtual Cloud Application solution is already integrated with OpenStack, enables public cloud providers to deliver an automated self-service solution to their tenants, and enables enterprises to securely connect from their private estate to their public cloud environments. Below is a diagram outlining their use case:

Public cloud multi-tenancy at scale

SDN architecture

Application layer

Tenant A Fixed or floating IPs

Control layer

Tenant B Fixed or floating IPs

Internet VPN

Tenant virtual network

Tenant virtual network

8

Customer network

Enterprise public-private cloud integration Tenant X Fixed or floating IPs

Internet VPN

Tenant virtual network

Customer network

Virtual Application Networks SDN controller

Infrastructure layer

OpenStack ready

Internet VPN

Customer network

On-premise private cloud network

Enables tenant self-service

• IMC VAN Manager enables administrators to accelerate the roll out of applications with a set of profiles that include connection policies that will be applied to data center edge switches. This module includes the VAN Manager Hypervisor Plug-in which enables rapid provisioning of virtual machine connectivity by automating network policy enforcement, allowing the server administrator to map connection profiles defined in HP IMC to VM interfaces. • IMC Extended APIs (eAPIs) ensure broad interoperability and integration of home grown enterprise applications by leveraging an open Web services platform that enables third-party developers to tie directly into, or extend core VAN and foundation network management functions of HP IMC. Q: What are the key benefits of this solution? • Reduced errors through connection profile templates • Virtualized network resources based on connection profile templates • Automated orchestration of templates rather than VM-by-VM and box-by-box configuration and management • Faster deployment of private cloud environments • Ensure cloud application meet SLAs through a single-pane-of-glass management platform Q: How is this solution differentiated in the marketplace and what is its competitive position?

Figure 5. HP Virtual Cloud Networks use case Public cloud automation at scale

A: Virtual App Networks Manager is built on the following new HP IMC software functionality:

Secure enterprise cloud extensions

A: IMC VAN Manager provides three clear competitive differentiators. 1. IMC VAN Manager is architected to support Edge Virtual Bridging (EVB) and non-EVB mode and other hypervisors including VMware vSphere, Microsoft® HyperV and soon to be added KVM and Citrix Xen. 2. Since it is based on the IMC platform which provides a multi-vendor support, VAN Manager is hardware vendor agnostic and can provision third-party ToR switches as long as adequate support is provided in IMC. 3. The connection policies are bound to the virtual machines so when VM is moved, the new ToR switch is reconfigured automatically with the policies bound to that specific VM.

Frequently asked questions | Virtual Application Networks Overview

Q: How does the VAN solution for data center integrate with end-to-end cloud orchestration solutions? A: HP IMC eAPIs support the growing DevOps movement, which encourages better communication and collaboration among applications development and IT operations teams. The eAPIs can be used by organizations of all sizes to meet the fundamental goal of DevOps: to develop applications that perform better and meet intended business and service-level requirements. Q: What is the pricing and availability for this solution? A: � IMC VAN Manager Module—Price $9995 USD • IMC Enterprise/Standard—Shipping today—Price Enterprise $23029 USD/Standard $6819 USD • IMC Extended APIs (required upgrade for IMC Standard Platform, included with IMC Enterprise Platform)—Price $9995 USD Q: Will Virtual Application Networks work with third-party solutions? A: Yes, HP already has broad third-party support in its IMC platform. IMC is the key network management and orchestration tool enabling virtual application networks. In addition, continued support for open-standards including OpenFlow will help increase interoperability.

Q: Are any solutions tested with F5? A: Yes, HP TS offers Application/VM Server optimization, Business Continuity/DR Workload Mobility, and Exchange/Lync/SharePoint Server tested solutions with F5. • Automated orchestration of templates rather than VM-by-VM and box-by-box configuration and management • Faster deployment of private cloud environments • Ensure cloud application meet SLAs through a single-pane-of-glass management platform This solution is complementary to and a key enabler for: • Converged Infrastructure initiatives within ESSN • Virtualization initiatives from third-parties such as VMware and Microsoft • Cloud initiatives such as CloudSystem Matrix, OpenStack

Virtual Application Networks and other HP solutions Q: How does VAN architecture work with HP Virtual Connect?

A: No, Virtual Application Network Manager currently interfaces directly with the infrastructure layer using vendor specific interfaces such as SNMP. In the future, the VAN Manager may leverage OpenFlow and the control layer to implement functionality.

A: Initially, VAN represents a solution that is an alternate to a virtual connect-oriented deployment, focused on virtualized provisioning of traditional, top-of-rack switch-based server connectivity. Over time, HP intends to evolve the VAN architecture to be more closely aligned with Virtual Connect environments to provide for centralized management and provisioning of both traditional and Virtual Connect server edge deployments.

IMC VAN Manager and F5

Q: Will there be a one-to-one relationship between a Virtual Application Network and an application?

Q: How does our partnership with F5 relate to Virtual Application Networks?

A: Not necessarily. If the applications (such as Polycom video conferencing and Microsoft Lync video) share the same criteria, they can leverage the same Virtual Application Network.

Q: Does VAN Manager use OpenFlow?

A: HP’s Virtual Application Network technologies operate on Layer 2–4, whereas F5’s Application Delivery Networks (ADN) operate on layers 4–7. F5 ADNs deliver many of the same benefits of Virtual Application Networks all the way up the stack. Together, these technologies will help further simplify management while making it easier to deliver applications to users.

9

Frequently asked questions | Virtual Application Networks Overview

Technologies OpenFlow

Q: What networking capabilities will OpenStack provide? A: The OpenStack API framework for networking (called Quantum) will provide for a multi-level architecture consisting of:

Q: What is OpenFlow?

• Core L2/L3 APIs

A: OpenFlow is a new, standardized communications interface defined between the control and infrastructure layers of an SDN architecture. OpenFlow allows direct access to and manipulation of the forwarding plane of network devices such as switches and routers, both physical and virtual (hypervisor-based).

• Network service API extensions (QoS, etc)

Q: Do HP products support OpenFlow? A: Currently, HP 3500, 3800, 5400, and 8200 Switch Series support OpenFlow 1.0. HP is planning on extending OpenFlow support across the FlexNetwork platforms including data center products, as well as utilizing the protocol as an enabler for the Virtual Application Networks control plane. Currently version 1.0 is supported with support for OpenFlow 1.3 planned. Q: Does HP offer an OpenFlow controller? A: HP offers the Virtual Application Networks SDN controller which implements the OpenFlow protocol. The HP controller will offer expanded capabilities by leveraging not only OpenFlow, but also intelligence between HP infrastructure devices to deliver enhanced SDNs. Q: How does OpenFlow enable SDNs? A: By providing an open-standards based interface between network infrastructure devices and controller software, OpenFlow enables a programmable way to implement SDNs. OpenFlow provides direct access to the forwarding plane of infrastructure devices bypassing vendor specific interfaces for more direct control of traffic in implementing SDNs.

OpenStack Q: What is OpenStack? A: OpenStack is an emerging, multi-vendor initiative intended to deliver an open, standards-based API modular framework for integrating server, storage, and network infrastructure as well as virtualization hypervisors and orchestration software into, open private/hybrid cloud architectures. Q: How does HP intend to use OpenStack? A: HP has chosen OpenStack as the framework for unifying integration of infrastructure (server, storage, networking) + software + services into HP infrastructure and end-to-end cloud solutions.

10

• Vendor-specific API plug-ins Q: How will HP integrate with OpenStack for networking? A: HP will deliver OpenStack capabilities by leveraging and extending IMC’s existing API infrastructure and also by way of “headless” frameworks for environments where explicit IMC/network management tools are not required. HP intends to develop OpenStack/Quantum APIs to integrate networking into HP cloud infrastructure and orchestration solutions and enable multi-vendor OpenStack-based cloud integration. HP Virtual Application Networks Virtual Cloud Network will also implement a Quantum plug-in allowing customers who implement OpenStack to implement highly scalable and automated virtual networks within the cloud. Q: What organizations can take advantage of OpenStack? A: Many cloud service providers, including HP Cloud Services, are already implementing OpenStack as the foundation of their cloud capabilities. Enterprises interested in implementing an open source private cloud may also implement OpenStack. Whether an enterprise or a cloud service provider, HP’s VAN Virtual Cloud Network delivers a scalable automated solution which solves the cloud network virtualization challenge without putting the burden on the customer. Q: How does Virtual Application Networks integrate with OpenStack? A: Virtual Application Networks Virtual Cloud Networking SDN application integrates with OpenStack through an included OpenStack Quantum plug-in which allows OpenStack based cloud environments to automate provisioning and de-provisioning for virtual networks within the OpenStack environment.

Frequently asked questions | Virtual Application Networks Overview

Virtual Switching Q: What is a vSwitch? A: A vSwitch is software that acts as a switch or bridge that runs in a hypervisor and allows for connectivity between virtual machines on the same host. Q: What is EVB? A: EVB stands for Edge Virtual Bridging. There are two competing standards, IEEE 802.1Qbg Virtual Ethernet Port Aggregation (VEPA) and IEEE 802.1Qbh VN-Tag. HP supports the VEPA standard. VEPA essentially forces traffic flowing between two virtual machines on the same host to a physical switch where network policies can be applied. The traffic is then fed back to the host and to the destination virtual machine in what is called a hairpin mode. The lack of management visibility into traffic at the server-network edge is challenging within a virtualized environment. Traffic between virtual machines installed on a server is not visible to the network and therefore not managed and is susceptible to security threats.

EVB combines the best of software and hardware switches and does not force changes into installed environments. HP supports EVB with VEPA, as well as non-EVB technologies. Using VEPA technology shifts the network processing activities close to the server-network edge, just inside of the network fabric. This lets the access switches manage the virtual network traffic, resulting in greater traffic visibility and better performance. Q: Is EVB technology required for HP Virtual Application Networks solutions in the data center? A: The initial Virtual Application Network solution for VMware does not require EVB functionality. Follow-on solution support for KVM and Citrix Xen will leverage EVB technology, manifest in a future HP Open vSwitch and enhancements to add EVB functionality to select HP ToR switches. Q: What switch platforms will support EVB? A: The HP 5900 and HP 5920 Switch Series will support EVB via switch firmware upgrades.

EVB with VEPA technology is one way to overcome the lack of visibility of traffic between VMs . EVB is an IEEE (802.1Qbg) standard that enables network management and service provisioning as close to the edge as possible.

11

Frequently asked questions | Virtual Application Networks Overview

Overlay Virtualization Technologies

Additional Resources

Q: What are NVGRE and VXLAN?

Q: Where can I find more roadmap information on Virtual Application Networks and OpenFlow?

A: These technologies are designed to tunnel L2 traffic across L3 boundaries. These software overlay networks help virtualize the network infrastructure by abstracting aspects from the physical hardware. HP plans to support both of these overlay technologies. Q: Where can I find more information on Ethernet Virtual Interconnect (EVI) and Multi-tenant Device Context (MDC) A: Please visit: hp.com/networking/dci

Sign up for updates hp.com/go/getupdated

A: For general inquires related to Virtual Application Networks and SDN, you can email [email protected] Q: Where can I find publically facing materials for Virtual Application Networks and related technologies? A: HP Virtual Application Networks and SDN: hp.com/networking/van OpenFlow: hp.com/networking/openflow

Share with colleagues

Rate this document

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Microsoft is a U.S. registered trademark of Microsoft Corporation. 4AA4-4714ENW, January 2013