Software-Defined Security and VMware NSX Events

I’m presenting at two Data Center Interest Group Switzerland events organized by Gabi Gerber in Zurich in early June:

  • In the morning of June 7th we’ll talk about software-defined security, data center automation and open networking;
  • In the afternoon of the same day (so you can easily attend both events) we’ll talk about VMware NSX microsegmentation and real-life implementations.

I hope to see you in Zurich in a bit more than a month!


  1. Hi Ivan,

    Had enjoyed your webinars and the ability of you to explain things.Are you planning to write something on Cloud management platforms and how they differ from OpenStack etc..
    1. I will eventually start exploring Neutron once it settles down, but not the cloud management systems. I'm positive there are other people out there more qualified to do that.
    2. Hi Ivan,
      had this query for too long. Layer 2 networks are bad because of the fact that the broadcast domain extends to multiple switches. The way to overcome is to use Layer 3 routing right from the switch connecting to the hosts all throughout. Even in this such a case, let us assume a host misbehaves sends out ARP flood packets, the edge switch CPU will be burdened on processing these ARP requests. It is true though that the other switches in the network aren't affected, but the ToR connecting tot he host is affected in its CPU performance.
      Do you think this kind of scenario could occur (or) this is the best that can be done in the presence of a misbehaving host.
    3. Yes, this can occur. You have to protect the switch CPU with Control Plane Protection (CoPP or however your vendor calls it).

      Obviously a host could DoS all adjacent hosts but at least you'd protect the switch.
Add comment