N1 Provisioning Server 3.1, Blades Edition, Installation Guide

Network Virtualization and Security

By using port-based VLAN technology, network virtualization provides a network security perimeter for all the computing and network devices associated with a given farm. When a device is logically assigned to a farm, the device is transitioned to the appropriate logical network associated with that logical element of the farm.

Network virtualization uses the physical port-based VLAN technology built into current-generation Layer-2 switches. A VLAN enables you to create a secure virtual network between a set of network nodes; to those nodes, it appears as a transparent Layer-2 interconnect. These virtual Layer-2 interconnects are then used as virtual wires to connect the devices on the switched fabric into the desired Layer-2 network topology.

Ethernet switching equipment used for network virtualization must support VLAN tagging, which protects against VLAN hopping and other kinds of VLAN penetration attempts. In addition, standard password encryption protects the management of these switches from unauthorized modifications from any server or device in the resource pool. All switching equipment must meet the IEEE 802.1Q standard.
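To make the tagging requirement concrete, the following added example (not part of this guide or the product) parses the IEEE 802.1Q tag stack of a raw Ethernet frame and classifies frames seen on a server-facing port. It assumes that ports in a port-based VLAN are untagged access ports, so any tag sent by a server is worth flagging; the function names and sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100   # IEEE 802.1Q tag protocol identifier
TPID_8021AD = 0x88A8  # IEEE 802.1ad outer (service) tag identifier


def parse_vlan_tags(frame: bytes):
    """Return (vlan_ids, ethertype) for a raw Ethernet frame, outermost tag first."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset, vlan_ids = 12, []  # skip destination and source MAC addresses
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in (TPID_8021Q, TPID_8021AD):
            return vlan_ids, ethertype
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        vlan_ids.append(tci & 0x0FFF)  # low 12 bits of the TCI carry the VLAN ID
        offset += 4


def check_access_port_frame(frame: bytes) -> str:
    """Classify a frame received from a host on an untagged access port (assumption)."""
    try:
        vlan_ids, _ = parse_vlan_tags(frame)
    except ValueError:
        return "malformed"
    if not vlan_ids:
        return "ok"             # untagged: the switch assigns the port's VLAN
    if len(vlan_ids) > 1:
        return "double-tagged"  # stacked tags from a host: hopping indicator
    return "tagged"             # a host chose its own VLAN ID: policy violation


def build_sample_frame(vlan_ids, ethertype=0x0800) -> bytes:
    """Build a constructed test frame with the given 802.1Q tag stack."""
    frame = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    for vid in vlan_ids:
        frame += struct.pack("!HH", TPID_8021Q, vid)
    return frame + struct.pack("!H", ethertype) + b"\x00" * 46


if __name__ == "__main__":
    for tags in ([], [10], [1, 20]):
        print(tags, check_access_port_frame(build_sample_frame(tags)))
```
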

The management of these switches is protected from unauthorized modifications from any server or device in an I-Fabric. Only the Control Center administrator is authorized to make modifications to the virtual wiring and virtual logical server farm security perimeters.