PLUMgrid offers micro-segmentation for containers and OpenStack clouds through Virtual Domains. A Virtual Domain is a secure logical data center that can be allocated to a tenant or workload for traffic isolation and policy enforcement. A Virtual Domain provides complete administrative control to its users to create new networks, change configurations and add new networking services on-demand, without affecting other Virtual Domains or the physical network.
Virtual Domains are enabled as part of PLUMgrid Platform’s® unique distributed architecture which provides the industry’s most secure, scalable and highest performance cloud network with advanced features. The figure below shows two private Virtual Domains, each with an unique virtual topology and policies, running independently.
Through a simple self-service dashboard, users can manage their Virtual Domains and customize themit to their needs. Users are able to define network topologies, create templates, set up security policies and connect workloads to the Virtual Domains or external physical devices.
Each Virtual Domain contains within it a full featured logical data center that can be provisioned, operated, migrated, cloned and restored by a click of a button or programmatically through the management API. Each Virtual Domain belongs to a tenant or a project. One tenant can have multiple Virtual Domains, however each Virtual Domain is owned by a single tenant.
Since each Virtual Domain is operationally decoupled from the physical infrastructure and other Virtual Domains – each tenant can administer their own Virtual Domain(s) through a secure self-service web-based dashboard or via API integration with a CMS. Each tenant can instantiate their own Distributed Virtual Network Functions , virtual topologies and domain specific policies. For example, an user can create a DMZ for web servers that can be accessed from the Internet and place backend systems such as databases or application servers in a secure private-facing subnet with no Internet access.
Micro-segmentation through Virtual Domains
A Virtual Domain provides a per-tenant logical data center. This is the foundational building block of the multi-tenancy and isolation of workloads among each other and from the physical infrastructure.
PLUMgrid Service Insertion Architecture
The PLUMgrid SIA is part of the holistic architecture of PLUMgrid Platform. SIA allows third party network functionality into the existing virtual network infrastructure. Learn more..
CloudSecure, Security at the Forefront
Built on multiple security layers, CloudSecure protects deployments in the presence of ephemeral infrastructure and heavy East-West traffic patterns.