Virtualising the Server Farm Network
UQ are employing virtualisation in the server-farm network to improve security without sacrificing reliability, performance, serviceability and flexibility. The load-balancer and routing and switching elements of the network are virtualised, to partition the network into different fault and security domains. The environment is segregated "horizontally" into back-end and front-end server VLANs and "vertically" into application groups using MPLS IP-VPN. This allows firewalling to be applied in a selective manner, securing applications whilst facilitating reliability and high performance. Using MPLS IP-VPN as a network virtualisation mechanism provides layer 2 segregation and flexible control over traffic flows without introducing unacceptable configuration complexity.
|
Marc Blum's Biography |