Nutanix adds native enterprise networking capabilities to enterprise cloud stack

Nutanix is announcing several new networking capabilities which they believe are critical to their ultimate goal of doing in the private cloud space what AWS did in the public space. Availability of some of this is still a while off, however.



Today at its European 2016 .NEXT User Conference, Nutanix has made several related announcements which will add native networking capabilities to their enterprise cloud platform. This includes native application-aware networking, native microsegmentation, and application-centric visualization of the network.

“This is a major announcement,” said Greg Smith, Nutanix’s Senior Director of Product Marketing. “We are standing up and saying we will be a single point of control for the network. We are making several pivotal additions to enhance networking capabilities. This includes adding to the cloud infrastructure stack with networking services and native networking capabilities, as well as their ability to operate in real time with physical network infrastructure.”

The addition of application-aware networking is critical to Nutanix’s larger vision of expanding well beyond the hyper-converged player status where it began and making its Enterprise Cloud Platform the de facto standard for data centres. To achieve that, seamless operation across private and public cloud environments is necessary. And to achieve that, networking is an enormous asset.

“This is a very logical area for us to add value,” Smith said. “Our goal is a single point of control for the surrounding networking topology. The addition of networking is important for the marketplace and customers, to be a truly integrated cloud stack. It is the next major leap forward for our vision of the enterprise cloud platform, a turnkey infrastructure that can run any application in any cloud environment.”

Nutanix is also introducing native Nutanix Acropolis Microsegmentation Services (AMS), which provide built-in capabilities to inspect, monitor and govern all communications flows between workloads to ensure they are secure.

“As application infrastructures evolve and the data centre becomes more dynamic, enterprise workloads grow in number,” Smith stated. “They have to be secured against attacks, both external and from other virtual machines in the same environment which may have been compromised. How does one provide application-specific internal security and control? By segmenting the internal network – controlling which apps talk to other apps. That’s what we are doing with our new Acropolis microsegmentation services. We monitor and govern communications flows between individual services, controlling at an application level what services can talk to other services.”

Smith said that the capability to do this is something that Nutanix has built from the ground up, not something that was already within the platform waiting to be turned on.

“It is entirely new technology that had to be built on top of the virtualization platform,” he said. “The management policies for the microservices are set with Nutanix Prism. The AMS are built in, easy to deploy, and remove the need to have overlay. We felt it wasn’t fair to ask customers to take on the burden of a new set of technologies to protect their internal VMs.”

Nutanix is also extending its APIs further to allow switch, security and ADC vendors to better automate network provisioning and modify policies in real-time based on application and IT lifecycle changes.

“In addition to native networking capabilities, we wanted to bring policy controls to existing network infrastructure,” Smith said. “With this expanded set of APIs, extending them to include networking functionality lets them be integrated with networking infrastructure without any manual intervention. Automating this means they will automatically work with physical network topology to bring apps online securely without any downtime.”

Nutanix Prism now has the ability to insert network services into orchestration for an application from a single point of control.

“Before, the customer would have to rely on physical network infrastructure, but they can now take full advantage of our fabric,” Smith said. “Composable services like firewall and load balancers – ADCs – need to be deployed closer to the applications, so having the orchestration to allow this to happen becomes critical. That requires the service chaining we are providing with Nutanix Acropolis.” The service chaining simplifies the complex process of chaining network routing information every time a new application is deployed or modified.

Nutanix Prism now provides application-centric visualization of the network as well. This is something that customers get now, but through a broad array of third-party tools covering the physical and virtual network topology.

“Our network visualization provides a glance at how machines are integrated with the network, as well as their health, down to the individual VM,” Smith said. “Nutanix customers can get a very rich view to allow them to troubleshoot and optimize. It puts power back in the hands of the application owner by giving visibility over the whole infrastructure.”

Network visualization and the initial set of APIs for network orchestration will be available by January 2017. The remaining capabilities are under development, although Smith indicated the AMS capabilities for microsegmentation will be available later in 2017.