This post will describe the various options to encrypt data residing on VMware Cloud on…
Before you undertake any network design, you must always consider the business requirements and use cases. Your chosen network design will be largely influenced by the chosen use cases.
VMware Cloud on AWS enables customers to seamlessly integrate their SDDC cluster with AWS services. This is achieved by connecting the SDDC cluster to the customer's VPC of choice. During the onboarding process, customers can choose a VPC and the subnets they want to connect to their SDDC cluster.
VMware Hybrid Cloud Extension delivers secure and seamless app mobility and infrastructure hybridity across vSphere 5.0+ versions, on-premises and in the cloud.
HCX offers bi-directional application landscape mobility and data center extension capabilities between any vSphere version. HCX includes vMotion, Bulk Migration, High Throughput Network Extension, WAN optimization, Traffic Engineering, Load Balancing, Automated VPN with Strong Encryption (Suite B) and secured data center interconnectivity.
This reference architecture document will not delve into all the HCX features but will instead focus on the standard use cases:
Customers that need to maintain the same IP addresses after they've migrated workloads to VMware Cloud on AWS can use the NSX Layer 2 VPN functionality.
NSX has offered an L2VPN capability for several years. An L2VPN enables customers to stretch networks between two different sites, over a public or private network (with no requirements on MTU).
VMware Cloud on AWS uses NSX to provide L2VPN features in your cloud SDDC.
The Management Domain is protected by a Management Gateway [MGW], which is an NSX Edge Security gateway that provides north-south network connectivity for the vCenter Server and NSX Manager running in the SDDC.
In VMware Cloud on AWS, we have two logical domains – one for “Management Resources” (where the ESXi hosts, vCenter, NSX Manager and NSX Controllers are deployed) and one for “Compute Resources”, where data VMs are deployed.
A common use case for VMware Cloud on AWS is to leverage it for Disaster Recovery. Many of my customers either don't have a Disaster Recovery strategy or simply struggle to justify running a 'ghost' DC, just in case a disaster were to happen. The way Disaster Recovery is offered today within VMware Cloud on AWS is through an add-on (VMware Site Recovery) that leverages vSphere Replication and vSphere Recovery Manager.
Probably the most popular use case for VMware Cloud on AWS today: using it to lift and shift all applications running in a DC and move them, untouched, to VMware Cloud on AWS. AWS would refer to this migration strategy as 're-hosting.' Why would customers do this? It enables them to accelerate their move to the Cloud with no disruption to their applications and to their operating model while leveraging their existing VMware expertise.