Ask question

We will be happy to answer your question!
WE know everythining about security of information and Ip communication so you can write boldly. We invite you!

Your data

I am interested in the following services*

Your message*

General information

The solutions we use ensure close integration of the network layer with security mechanisms. The result is the construction of a comprehensive network that provides, on the one hand, great possibilities of automatic configuration allowing for mapping of processes in layers related to operating systems and applications as well as implementation of modern security solutions adapted to specific data processing needs, on the other hand.

We are currently witnessing a fundamental change in the approach to architectures related to the Data Center networks. Traditional models of a three-layer network (access, aggregation and core layers) and two-layer network (access layer and distribution layer combined with core layer) no longer meet the requirements of data processing systems and virtualisation systems for the application layer. The main factors that caused the need for change are:

 

  • different traffic patterns – the three-layer and two-layer network models are adapted to the flows coming from the access layer to the core layer and back to the access layer (the so-called North-South traffic pattern). In the modern Data Center, most of the traffic takes place in the access layer (the so-called East-West traffic pattern),
  • virtualisation of the application layer – the modern mechanisms offered by virtualisation platforms (e.g. VMotion) require automatic changes at the network level made without any administrator intervention. The network must be aware of changes occurring in higher layers and offer mechanisms of auto-configuration,
  • need for integration of security mechanisms at the level of the network layer – by the popularisation of virtualisation for the application layer, a significant part of traffic in Data Center closes at the level of virtual switches (v-switch) – without going through the traditional physical network. It causes big problems with securing traffic between servers using a traditional firewall or IPS systems.

The networks we design take into account the needs of a modern Data Center related to the necessity of automatic cooperation with virtualisation systems.

So what should a modern Data Center network look like?

 

  • Overlay network – the necessity of cooperation with virtualisation systems for application layer was one of the factors contributing to the implementation of overlay network concept in the Data Center environment. The overlay network is a virtual network built over the traditional network infrastructure (underlay network):
  • Implementation of the SDN network (Software Defined Networking) – the traditional network devices implement the so-called Data Plane (responsible for data transmission) and Control Plane (responsible for traffic control) inside of them. This model causes significant difficulties in building big and complex Data Center networks that require additional integration with higher layer systems. The solution is to implement Software Defined Networking solutions in which the control plane is transferred from network devices to the external controllers that manage the operation of the entire network. The advantages of implementing the SDN network are:
  • Implementation of security mechanisms – in a modern Data Center, a big part of traffic does not go beyond the virtualised environment (v-switch area). Therefore, traditional separation mechanisms such as VLANs and pVLANs implemented on hardware switches are of limited applicability. In addition, the implementation of security policies based on standard hardware firewalls faces very big problems in environments that use dynamic auto-configuration mechanisms (e.g. the vMotion tool).
  • Automation of work – the modern Data Centers are highly dynamic environments. Thus, a substantial part of the changes should be made automatically:


a) provisioning and deployments – the new network devices should be activated almost automatically (picking up an appropriate image of the operating system, downloading and activating the configuration),

 

b) operational work – the devices should automatically send information about their status. The DC switches must have advanced scripting mechanisms so that the switch can respond to alarms and events without the need for an intervention of the administrators,

 

c) orchestration – the network must have a communication interface with virtualisation systems. Changes in the configuration of the server or storage network should automatically propagate themselves and affect the configuration of the network.


Solutions proposed by APIUS bring significant operational benefits:

 

  • reduction of TCO costs – it is possible to reduce both purchase costs (underlay + overlay network model supports dual-vendor purchasing strategy) and operating costs (automation of the network's operation),
  • acceleration of the mechanisms of implementation of new solutions – both when adding new devices and when implementing new systems, for example, development environments can be instantly recreated using configuration scripts,
  • increase of reliability and speed of repairs in case of failures – the combination of a virtualised network with a virtual application environment enables automatic reconfiguration and transfer of resources in case of failures of physical devices,
  • possibility of geographic diffusion of DC – it is possible to integrate the DC networks owned by the Client with the cloud solutions such as Amazon or Microsoft. From the application point of view, it is possible to obtain one coherent Data Center with the possibility of transferring IP addressing and L2 layer (despite the fact that this environment is physically diffused around the whole world).


Benefits

Solutions proposed by APIUS bring significant operational benefits:

 

  • reduction of TCO costs – it is possible to reduce both purchase costs (underlay + overley network model supports dual-vendor purchasing strategy) and operating costs (automation of the network's operation),
  • acceleration of the mechanisms of implementation of new solutions – both when adding new devices and when implementing new systems, for example, development environments can be instantly recreated using configuration scripts,
  • increase of reliability and speed of repairs in case of failures – the combination of a virtualised network with a virtual application environment enables automatic reconfiguration and transfer of resources in case of failures of physical devices,
  • possibility of geographic diffusion of DC – it is possible to integrate the DC networks owned by the Client with the cloud solutions such as Amazon or Microsoft. From the application point of view, it is possible to obtain one coherent Data Center with the possibility of transferring IP addressing and L2 layer (despite the fact that this environment is physically diffused around the whole world).

Our partners in Data Center:

We use our partner's products for:

We use our partner's products for:

We use our partner's products for:

We use our partner's products for:

See also

Close
Search

Search for password