Wednesday, October 8, 2014

Virtual Switch in Hyper-V


Before we begin with the nitty-gritty of the Virtual Switch, let us answer some basic questions.

What is a Virtual Switch?

A Virtual Switch is the counterpart of a physical Ethernet switch in a virtualized environment. It does not simply forward packets to other virtual machines; it also inspects packets before forwarding them. Each virtualization platform gives its Virtual Switch a different set of properties. Before we delve further into Virtual Switches, let us understand the other essence of this blog: Hyper-V.

What is Hyper-V?

Each virtualized network requires a hypervisor as the platform on which virtual machines and their resources are created and configured. Hyper-V is the Windows hypervisor-based virtualization technology; it provides the software infrastructure and basic management tools. It isolates a physical machine into child partitions, allocates them to different guest operating systems, and provides the hardware and software resources each guest operating system requires.

What is Virtual-Switch in Hyper-V?

Now that we have our basics in place, let us dive deep! I will try to explain the Virtual Switch by considering the following:

  1. Features supported in the Virtual Switch

  2. How is the Virtual Switch in Hyper-V different from other switches?

  3. Different use cases for the Hyper-V Virtual Switch.

  4. What alternatives to the Hyper-V Virtual Switch are available?

Starting off with the first discussion point, let us have a look at the features supported in the Virtual Switch:

  1. Port ACLs - Provide traffic filtering based on Media Access Control (MAC) or Internet Protocol (IP) addresses/ranges, which enables you to set up virtual network isolation.

  2. Network traffic monitoring - Enables administrators to review the traffic that is traversing the virtual switch.

  3. Isolated (private) VLAN - Enables administrators to segregate traffic on multiple VLANs, to more easily establish isolated tenant communities.

  4. Trunk mode to a VM - Enables administrators to set up a specific VM as a virtual appliance, and then direct traffic from various VLANs to that VM.

  5. DHCP Guard protection - Protects against a malicious VM representing itself as a Dynamic Host Configuration Protocol (DHCP) server for man-in-the-middle attacks.

  6. ARP/ND Poisoning (spoofing) protection - Protects against a malicious VM using Address Resolution Protocol (ARP) spoofing to steal IP addresses from other VMs, and against the equivalent attacks launched over IPv6 using Neighbor Discovery (ND) spoofing.
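All of the features listed above are exposed through the Hyper-V PowerShell module, so a quick way to see what each one actually does is to apply them to a single tenant VM and read the settings back. The following is an added example written for this post, not code from the blog or from Microsoft. It assumes the Windows Server 2012 R2 Hyper-V module (extended port ACLs first appeared in that release); the VM names, the tenant subnet and the VLAN IDs are placeholders chosen for the example.

```powershell
# Added example (not from the blog): harden one tenant VM's virtual NIC with the
# Hyper-V Virtual Switch features listed above, then verify the result.
# Assumptions: Windows Server 2012 R2 Hyper-V module, a VM named 'Tenant-A-Web'
# and a monitoring VM named 'Tenant-A-Monitor' (both placeholders), and the tenant
# subnet 10.10.0.0/24 (constructed value). Run in an elevated session on the host.

$vm = 'Tenant-A-Web'

# 1. Spoofing protections. DhcpGuard drops DHCP server replies sent by the VM,
#    RouterGuard drops IPv6 router advertisements/redirects sent by the VM, and
#    MacAddressSpoofing Off pins the VM to its assigned source MAC address
#    (which also blocks the ARP/ND poisoning cases the post describes).
Set-VMNetworkAdapter -VMName $vm -DhcpGuard On -RouterGuard On -MacAddressSpoofing Off

# 2. Port ACLs (extended, 5-tuple form). Rules with a higher Weight win, so the
#    low-weight catch-all Deny acts as the default and the specific Allows override it.
#    The plain Add-VMNetworkAdapterAcl cmdlet from Windows Server 2012 covers the
#    MAC/IP-range-only rules mentioned in the post; the extended form adds ports
#    and protocols and can be stateful.
Add-VMNetworkAdapterExtendedAcl -VMName $vm -Action Deny  -Direction Inbound  -Weight 1
Add-VMNetworkAdapterExtendedAcl -VMName $vm -Action Deny  -Direction Outbound -Weight 1
# Allow the tenant's own subnet both ways.
Add-VMNetworkAdapterExtendedAcl -VMName $vm -Action Allow -Direction Inbound  -RemoteIPAddress 10.10.0.0/24 -Weight 10
Add-VMNetworkAdapterExtendedAcl -VMName $vm -Action Allow -Direction Outbound -RemoteIPAddress 10.10.0.0/24 -Weight 10
# Allow inbound HTTPS from anywhere, statefully, so return traffic is tracked.
Add-VMNetworkAdapterExtendedAcl -VMName $vm -Action Allow -Direction Inbound -LocalPort 443 -Protocol TCP -Weight 20 -Stateful $true

# 3. Isolated (private) VLAN: this VM can reach the primary VLAN (gateway/services)
#    but not other isolated ports in the same secondary VLAN.
Set-VMNetworkAdapterVlan -VMName $vm -Isolated -PrimaryVlanId 100 -SecondaryVlanId 101

# 4. Network traffic monitoring: mirror this port to the monitoring VM's adapter
#    so an IDS or packet capture inside 'Tenant-A-Monitor' sees a copy of the traffic.
Set-VMNetworkAdapter -VMName $vm -PortMirroring Source
Set-VMNetworkAdapter -VMName 'Tenant-A-Monitor' -PortMirroring Destination

# 5. Verification. Anything reported Off or empty here is a configuration gap.
Get-VMNetworkAdapter -VMName $vm |
    Select-Object VMName, SwitchName, DhcpGuard, RouterGuard, MacAddressSpoofing, PortMirroringMode
Get-VMNetworkAdapterExtendedAcl -VMName $vm |
    Sort-Object Direction, Weight -Descending |
    Format-Table Direction, Action, Weight, RemoteIPAddress, LocalPort, Protocol, Stateful -AutoSize
Get-VMNetworkAdapterVlan -VMName $vm
```

Two design points are worth noting. The Deny rules carry the lowest weight on purpose: in a weight-ordered ACL the default must be the least specific entry, otherwise a later Allow can never match. And the verification step is not optional; these settings live per adapter, so a VM rebuilt from a template without them silently loses the protection, and the same `Get-VMNetworkAdapter` query run across all VMs is the simplest audit.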


So, what makes Hyper-V's Virtual Switch different from the others? Its extensibility. The Hyper-V Virtual Switch supports vendor-specific plug-ins (also known as Virtual Switch Extensions) that provide enhanced networking and security policies. Hyper-V provides three types of Virtual Switch extensions:

  1. Capturing Extension - With this extension, the Virtual Switch can capture packets and generate its own packets.

  2. Filtering Extension - With this extension, the Virtual Switch can inspect, drop (traffic policing and filtering) or delay (traffic shaping) packets, as well as generate its own packets.

  3. Forwarding Extension - In addition to all the operations above, this extension can replace the default forwarding rules (it specifies its own set of output ports). Each packet can be sent to one or more output ports, which allows flooding, multicast or SPAN-like behaviour to be implemented.
[Figure not reproduced: the flow of a packet through the Hyper-V Virtual Switch and its extensions. Source - Reference 4]
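Because extensions sit in the packet path, the set of extensions bound to a switch is part of its security posture: a disabled filtering extension or an unexpected forwarding extension changes what the switch does to every frame. The following added example, written for this post rather than taken from the blog or from Microsoft, inventories the extensions on one switch by the three classes described above and checks the in-box filtering extension. It assumes the Windows Server 2012 R2 Hyper-V module and a switch named 'ExtSwitch' (placeholder).

```powershell
# Added example (not from the blog): inventory the extensions bound to a Hyper-V
# Virtual Switch by class (Capture, Filter, Forwarding) and check their state.
# Assumptions: Windows Server 2012 R2 Hyper-V module and an existing virtual switch
# named 'ExtSwitch' (placeholder). Run in an elevated session on the host.

$switch = 'ExtSwitch'

# Every extension object carries ExtensionType (Capture, Filter or Forwarding),
# plus Enabled/Running flags, Vendor and Version.
$exts = Get-VMSwitchExtension -VMSwitchName $switch
$exts | Sort-Object ExtensionType, Name |
    Format-Table Name, ExtensionType, Enabled, Running, Vendor, Version -AutoSize

# The in-box 'Microsoft Windows Filtering Platform' filter extension is what applies
# the extended port ACLs on this switch. If someone disabled it, ACL rules stop
# taking effect without any error, so re-enable it and record the change.
$wfp = $exts | Where-Object { $_.Name -eq 'Microsoft Windows Filtering Platform' }
if ($wfp -and -not $wfp.Enabled) {
    Write-Warning "WFP filtering extension was disabled on $switch; enabling it."
    Enable-VMSwitchExtension -VMSwitchName $switch -Name $wfp.Name
}

# Only one forwarding extension can be enabled per switch, and whichever one it is
# replaces the switch's default forwarding decisions. Report it explicitly so an
# unexpected vendor forwarding extension does not go unnoticed.
$fwd = @($exts | Where-Object { $_.ExtensionType -eq 'Forwarding' -and $_.Enabled })
if ($fwd.Count -eq 0) {
    Write-Output "No forwarding extension enabled on $switch (default Hyper-V forwarding in use)."
} else {
    Write-Output ("Forwarding extension on {0}: {1} ({2} {3})" -f $switch, $fwd[0].Name, $fwd[0].Vendor, $fwd[0].Version)
}

# Extensions that are enabled but not running usually indicate a driver problem;
# those deserve a ticket too.
$exts | Where-Object { $_.Enabled -and -not $_.Running } |
    ForEach-Object { Write-Warning ("Extension '{0}' is enabled but not running on {1}" -f $_.Name, $switch) }

# Finally, list the per-port protections for every adapter attached to this switch.
Get-VMNetworkAdapter -All | Where-Object { $_.SwitchName -eq $switch } |
    Select-Object VMName, Name, DhcpGuard, RouterGuard, MacAddressSpoofing |
    Format-Table -AutoSize
```

Run on a schedule, the output of this script is a compact baseline for the switch: the list of extensions and their versions is exactly what changes when a vendor product is installed or upgraded, and any diff from the previous run is something the host owner should be able to explain.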



Some vendors have applied this extensibility to enhance the Virtual Switch and integrated it into their products:

  1. NEC - VSEM Provider that converts Hyper-V to an OpenFlow virtual switch and integrates it with NEC's PFlow solution.

  2. Cisco - VM-FEX extension with direct I/O (SR-IOV) with Nexus 1000V for Hyper-V.

  3. InMon - Extension for traffic capturing and analysis with sFlow.

  4. 5Nine - Virtual firewall extension.

  5. Broadcom - DoS prevention extension that emulates the functionality provided in the OEM switch platform.


Apart from Hyper-V's Virtual Switch, other switches are available, each with its own capabilities and features. Some of them are listed here:

  1. VMware's Virtual Switch: the vSphere platform supports the vSphere Standard Switch and the vSphere Distributed Switch, which provide networking in VMware Infrastructure (ESX).

  2. Open vSwitch: OVS is an open-source switch controlled through the OpenFlow protocol. The basic features supported in OVS are flows, VLANs, trunking, and port aggregation.

  3. KVM Virtual Switches

 References-


Wednesday, October 1, 2014

NFV - Management and Orchestration



In the past couple of years two new technologies have evolved in the networking domain: Software Defined Networking and Network Function Virtualization.

Software Defined Networking is an approach that decouples the control plane from the data plane. Control planes are essentially the "data directors", instructing the data plane on where to transfer packets of data. The data plane then establishes the best path and carries the data to its destination. By separating these two functions, the user can program the network to act in accordance with business requirements, using a central management interface in a vendor-neutral manner.

Network Function Virtualization is an approach, proposed mainly by the telcos, to decouple network functions from the hardware. Specifically, it involves implementing these network functions in software that can run on a range of commodity, industry-standard server hardware, and that can be moved to, or instantiated at, various geographic locations in the network as required, programmatically, without having to install new equipment. This enables a significant reduction in CapEx, OpEx, space and power consumption while giving telcos IT-style scale. NFV solutions deliver compelling performance and maintain network reliability and resiliency while keeping costs under control.

This blog is focused on NFV, hence we concentrate on it. In the previous NFV blog we covered the open source tools for the various layers/components of the NFV architecture framework. In this blog we focus on developing an understanding of the Management and Orchestration layer/component.

With increasing service request demands and growing networks, it has become a big challenge for network operators to manage them. This triggers the need for management and orchestration to be considered one of the most important components of an NFV solution.

The Orchestration framework helps customers to easily deploy, manage and orchestrate Virtual Network Functions (VNFs) and roll out new services, thereby simplifying network operations.

The Management framework focuses on the lifecycle management of the software-based network functions and on the management of the infrastructure resources allocated to them.

There is a standard defined by ETSI for Management and Orchestration to be implemented in NFV. We have prepared a presentation based on the understanding developed after reading the ETSI specification.

References:

3. http://docbox.etsi.org/isg/nfv/open/latest_drafts/NFV-MAN001v061-%20management%20and%20orchestration.pdf

Wednesday, September 24, 2014

NfV PoCs - Use Cases, Architecture Function Blocks and Reference Points.

Under the aegis of ETSI, an initiative to develop Proof of Concepts (PoCs) was started to "build industrial awareness and confidence in NFV". These demonstrations help verify that the NfV concepts have the potential for real-world applications. The details can be found here.

In this blog we do not cover the details of the PoCs (hopefully in a separate blog). However, we summarize the proposed PoCs (around 24) with respect to the following:
1. Proposed Use-Cases
2. NfV Architecture Functional Blocks
3. NfV Architecture Reference Points.

The details of (1) can be found here, whereas the details of (2) and (3) can be found here.
For quicker reference, we list the three below:


In the table below, the Y-axis lists the PoCs, whereas the X-axis has the Use-Cases (UC#), Functional Blocks (FB#) and Reference Points (RP#).

The plots highlighting the PoC coverage with respect to the above three concepts are shown below:


Friday, September 19, 2014

Northbound application development in SDN controllers - An APIs and SDK Perspective

SDN is one of the emerging networking technologies and has gained a lot of popularity in the networking domain.
SDN, software defined networking, tries to create and manage the network through software. It centralizes the brain of the network in controller applications (i.e. SDN controllers).
SDN even lets you virtualize the whole network and its networking functions through Network Virtualization and Network Function Virtualization techniques.
The SDN controller, being the brain of the network, manages the network switches/routers by pushing rules to them through southbound APIs, and allows vendor-specific, domain-specific and function-specific applications to run on top of the controller via northbound APIs.
Many networking vendors are working on SDN at a fast rate and launching their SDN controllers in the market.

But SDN is not being adopted at the same rate among network operators, service providers, network application developers, etc. To accelerate adoption, SDN controller vendors are exposing northbound API sets to create a development environment in the networking community, so that more and more applications can be developed over their SDN controllers and more SDN use-cases can be opened up.
A few vendors have also shared SDN SDKs for rapid development of applications over their SDN controllers, to strengthen their presence and popularity in the SDN world.

In this blog the focus is on research into SDKs for SDN: which SDN controller vendors share an SDK, what an SDN SDK should contain, and which networking use-cases/functions can be achieved with an SDN SDK.

Below is the list of SDN controllers that were researched for their support of APIs/SDKs.

| SDN Controllers | Does it support OpenFlow? | Does it expose Northbound APIs? | Does it share any SDK? | Is SDK Open? | Language Used for APIs/SDK |
| --- | --- | --- | --- | --- | --- |
| HP VAN Controller | Yes | Yes | Yes. HP SDN Developer Kit | Open | REST and Java |
| Juniper Contrail | No | Yes | Yes. Junos Space SDK | Open | REST |
| Big Switch | Yes | Yes | No | NA | REST |
| Floodlight | Yes | Yes | No. But it provides many applications as Java modules | NA | REST |
| Ryu | Yes | Yes | No. But it provides a framework to develop SDN apps. | NA | Python |
| IBM Programmable Flow | Yes | Yes | No | NA | REST |
| NCL - Hinemos and VNC | Yes | Yes | No | NA | JAVA |
| Cisco APIC | Yes | Yes | No | NA | REST |
| Cisco XNC | Yes | Yes | Yes. Cisco Open Network Environment Platform Kit | Open | JAVA/REST |
| Nicira/VmWare NVP | Yes | Yes | Yes | Open | REST |
| Nuage VSC | Yes | Yes | No | NA | REST |
| Plexxi Control | No | It has 2 different APIs: Workload Affinity API, Network Orchestration API | No | NA | REST |
| Sanctum's Jupiter | Yes | No information | Yes | Closed | No information |
| PLVision kuFlow | Yes | It is an OpenFlow driver for SDN controllers and is available as a library. | No | NA | Python, C++ |
| Sandvine SDE | No, but it gives you a PCRF GUI to design services | No | NA | NA | |
| Active Broadband Network's BNG | Yes | Yes. It provides a web services API and message queues | No | NA | No information |
| NetSocket vFlow | No | Yes | No | NA | No information |
| Metaswitch Perimeta SBC | No | Yes | No | NA | No information |
| Italtel SBC | No | No | No | NA | NA |

The next table lists what an SDN SDK should contain and whether each of these items is available in the existing SDN SDKs.


| SDK Contents | HP VAN SDK | Junos Space SDK | Cisco XNC OnePK SDK |
| --- | --- | --- | --- |
| GUI / CLI | SDN Controller Console, which is a web-based GUI. | Yes, provides a GUI plugin for the Eclipse IDE | Provides API set only. |
| Templates | Yes | Provides REST APIs for Config Template Management | No |
| Schema files (WSDL, XSD) | Supports XSD schema files | Supports generation of schema (XSD) from DTO definitions using ANT scripts. | No |
| Sample programs | Yes, it provides some built-in apps: Device Node Manager, Link Discovery, Topology Manager, Topology Viewer, Path Daemon, Path Diagnostics | Yes. For example, HelloSpace, WorldCities, GoogleMashupApp | Yes. For example, HelloElement, HelloNetwork, SyslogMonitor |
| Higher order models | Yes. The SDK provides models and works on the MVC (Model-View-Controller) architecture to develop applications. | Supports 3 application models: 1) Complete Junos Space Application, containing all 3: UI + web services + business logic. 2) Web Service Junos Space Application, containing web services + business logic. 3) UI Only Junos Space Application, containing only the UI app; business logic is realized by EJB packages (i.e. server-side components). | No |
| API Libraries | Yes. The Controller REST API is distributed across 3 distinct namespaces: (1) core (/sdn/v2.0), (2) openflow (/sdn/v2.0/of), (3) network services (/sdn/v2.0/net). Each namespace has its own JSON schema. (1) Core namespace: the core APIs provide general manageability of the controller, such as configuration, health monitoring, teaming, alerts, audit logs, support logs, etc. (2) OpenFlow namespace: the OpenFlow APIs provide the OpenFlow functionality of the controller, including both read-only operations (such as port statistics) and modification operations (such as flowmod). The same REST API can be used on both OpenFlow 1.0 and OpenFlow 1.3 devices. However, only certain APIs (such as meters) are available when speaking to an OpenFlow 1.3 device, because the functionality is only available on OpenFlow 1.3 devices. (3) Network services namespace: the network services APIs provide basic network knowledge such as network topology information and network diagnostics. | Yes. It provides REST APIs for the following services: Application Management, Audit Log Management, Configuration File Management, Configuration Management, Configuration Template Management, Debug Log Management, Device Image Management, Device Management, Fault and Performance, Info Service, Inventory Management, Job Management, Script Management, Tag Management, User Management, Well Known Service | Yes. It has various services: 1) Policy service set: allows applications to configure several features of the forwarding path, including filtering, ACLs, and QoS. 2) Routing service set: provides read access to the routing information base (RIB) and enables a developer to safely modify the routing/switching logic of the network element. 3) Element service set: consists of APIs to get and set network device and interface properties, state, and statistics. 4) Discovery service set: provides a mechanism for an application to discover remote or local network elements, network topology, and the network elements providing onePK services. |
| Binaries: installation and configuration | Yes. Configuration is done through metatype.xml and Maven's pom.xml | Yes. This SDK is available as an installer and provides various APIs for configuration management. | Yes |
| Emulator/Simulator for test and validation | Yes | Simulators; a virtual machine is included with the developer environment. | No |
| Quick start and programming guide | Yes. It provides the following guides: HP VAN SDN Controller License Registration and Activation Guide, HP VAN SDN Controller Installation Guide, HP VAN SDN Controller Administrator Guide, HP VAN SDN Controller Programmer's Guide, HP VAN SDN Controller REST APIs, HP VAN SDN Controller Release Notes, HP VAN SDN Controller Open Source and Third-Party Software License Agreements | Yes. It provides: Junos Space SDK Release Notes, Junos Space API Reference Guide, Junos Space Application Developer Guide, Device Simulator Guide, Junos Space SDK Installation Guide for Windows/Linux/Mac | Yes |
| Authentication | Yes. The HP VAN SDN controller REST APIs are secured via a token-based authentication scheme. OpenStack Keystone is used to provide the token-based authentication. | It is not at the API level; it is at the user level. Because Junos Space implements a single sign-on authentication scheme, the user name and password credentials you use to log into Junos Space also validate your use of OpenNMS. No separate authentication is needed. | Yes. It uses the TLS protocol to authenticate the application before it accesses the Cisco network element, and also requires the Cisco network element to enable onePK and TLS before any communication with apps. |
| Backup and restore | Yes. A controller backup takes a snapshot of the controller state and includes the following in a single file: controller databases, license compliance history and metrics log data, the teaming configuration (in a teaming environment), the user repository folder (for user-installed applications), and the controller configuration folder | No | No |
| Logging support | Yes. Audit logs and support logs are provided. | Yes. It provides REST APIs for audit and debug log management. | Yes |

The next table lists the use-cases that should be achievable with an SDN SDK and whether support for these networking functions is available in the existing SDN SDKs.


| SDK Categories | HP VAN SDK | Junos Space SDK | Cisco XNC OnePK SDK |
| --- | --- | --- | --- |
| Network Virtualization | This is done by the controller itself. | Yes | No. Not yet supported. |
| Appliance virtualization | Yes | Yes | Yes, with respect to Firewall. |
| Service Assurance and Service Differentiation | Yes | Yes, it provides policy and QoS management. | Yes. It provides services for QoS and policy control. |
| Cloud-Ops | Yes | Yes | No |
| Legacy Control | No | Yes | Yes |
| Network provisioning | Yes | Yes | Yes |
| Network management | Yes | Yes | Yes |
| Network Security | Yes | Yes | Yes |
| Network Troubleshooting | No | Yes | Yes |

This research on SDKs for SDN may help in choosing among the available SDN SDKs, and it may also provide pointers for starting development of an SDN SDK from scratch.

References

5998-4920_HP_VAN_SDN_Controller_Programming_Guide.pdf
5998-4919_HP_VAN_SDN_Controller_Admin_Guide.pdf
MTOSI ADAPTER USING JUNOS SPACE SDK PDF
Junos_Space_SDK_13.1_Release_Notes.pdf
http://www.juniper.net/techpubs/en_US/junos-space-sdk/13.1/apiref/com.juniper.junos_space.sdk.help/Services.html
http://developer.juniper.net/shared/jdn/html/browser-help-13.3/com.juniper.junos_space.sdk.help/html/guides/appdevguide/websvcsproj.html
Junos Space Virtual Control app is for managing virtual networks.
JunosSpaceSDK_DataSheet.pdf
https://juniper.mwnewsroom.com/manual-releases/2009/Juniper-Launches-Open-Software-Platform-to-Acceler
http://trinetprimasolusi.blogspot.in/2011/01/junos-sdk-enables-developers-to.html
http://www.juniper.net/us/en/local/pdf/datasheets/1000297-en.pdf
https://communities.cisco.com/docs/DOC-53411#jive_content_id_Is_there_an_onePK_plugin_for_OpenDaylight_
https://communities.cisco.com/community/developer/networking/cisco-one/onepk/blog/2014/05/15/solving-a-network-securityusability-paradox-with-cisco-onepk--ben-story
http://www.data.proidea.org.pl/plnog/11edycja/PLNOG_11_Day_2/Track_1/Krzysztof_Konkowski_Przemek_Pisarek.pdf

Tuesday, September 16, 2014

Northbound applications on SDN controllers

Computer applications make our lives easy and cater to a specific task or need. In SDN's context, applications can bring ease and comfort to network/IT administrators. This blog post describes the northbound applications used over various SDN controllers. The applications range across network management, monitoring, security, QoS, etc.

Application development on SDN controllers is taking place through multiple models. Some SDN controller vendors make their own applications, some collaborate with others to create a joint solution, some simply outsource it, and some are putting in efforts to create an ecosystem by publishing APIs on which programmers like us can create innovative applications. Many applications are available on GitHub as scripts for vendors like Cisco, Ryu, Floodlight, etc.

After reading through a lot of controllers and northbound applications, I have tried to summarize it as given below.

HP VAN Controller

  • HP Network Protector SDN Application: The Network Protector SDN Application, running on the HP Virtual Application Networks (VAN) SDN Controller, enables automated network posture assessment and real-time security across OpenFlow-enabled network devices. There is no need for dedicated appliances, as the security application is deployed as software.
  • HP Network Optimizer SDN Application Series: The HP Network Optimizer SDN Application for Microsoft Lync enables automated provisioning of network policy and QoS to provide an enhanced user experience.
  • BlueCat DNS Director: BlueCat DNS Director provides you with programmatic control of your DNS services to prevent DNS tunneling, and secures application access for central DNS security, globally delivered.
  • ECODE evolve™: ECODE evolve™ is a suite of tools to facilitate dynamic network design, provisioning, simulation and automation leveraging the power of SDN. It empowers you with dynamic, real-time network designs. You can safely modify and test the designs, and then have them automatically deployed in a production environment.
  • The F5 BIG DDoS Umbrella: The F5 BIG DDoS Umbrella, powered by the HP VAN SDN Controller solution, allows you to implement network, application, DNS, and SSL DDoS protection near the network edge.
  • GuardiCore Defense Suite: The GuardiCore Defense Suite adds a new layer of defense by automatically preventing targeted attacks from within the datacenter, where it is most vulnerable.
  • KEMP Adaptive Load Balancer App: Provides end-to-end visibility of network paths for optimal routing of applications across the server and switching infrastructure.
  • Hyperglance: Hyperglance is a Hybrid Cloud and SDN management platform that provides visibility of your whole topology and all flows in a scalable 3D environment, to easily interrogate switches and interfaces and set up and take down flows.

Juniper Contrail

  • Junos Space Security Director: It helps organizations improve the reach, ease, and accuracy of security policy administration with a scalable, GUI based management application.
  • Junos Space Services Activation Director: It ensures error-free service provisioning and monitoring of legacy Carrier-Ethernet and MPLS using a simple interface to design, validate and manage these services.
  • Junos Space Network Director: It simplifies network operations by unifying wired and wireless management for complete life-cycle of management of campus and data center networks from a single pane of glass.
  • Junos Space Service Now: It is a remote, automated trouble-shooting client that enables Juniper to quickly identify a problem in the customer's network to achieve a 40% increase in Day 1 issue resolution. Comes with the Junos Space Network Management Platform.
  • Junos Space Service Insight: It reduces network downtime by delivering proactive bug notifications specific to your network configuration, and thorough automated end-of-life/support analysis where you can do complete EOL auditing across 100's of devices in seconds. Comes with the Junos Space Network Management Platform.
  • Junos Space Content Director: It speeds and simplifies deployment and configuration of Junos Content Encore through the network, with a centralized caching management solution that scales to manage hundreds of caches from a single server.
  • Junos Space Virtual Director: It automates instantiation of Virtual Machines for Juniper's virtual security services supporting fast and error-free service rollout.

FloodLight Controller

  • Circuitpusher: It utilizes the Floodlight REST APIs to create a bidirectional circuit, i.e., a permanent flow entry, on all switches in the route between two devices based on IP addresses, with a specified priority.
  • packetStreamerClientExample.py: Allows you to intercept packets from Floodlight's packet_in processing chain and read them.
  • graphDeps.py and graphTopo.py: Read the module dependencies (graphDeps.py) or the topology (graphTopo.py) from the REST API and output it in the 'dot' format used by the popular graphviz (www.graphviz.org) package so that they can be visualized.
  • DefenseFlow by Radware: It programs networks for DoS security, providing network-wide attack mitigation services and defense against any DDoS attack.
Ryu Controller

  • cbench.py: A dumb OpenFlow 1.0 responder for benchmarking the controller framework.
  • simple_switch: An OpenFlow 1.0 L2 learning switch implementation.
  • simple_isolation: MAC address based isolation logic.
  • simple_vlan: VLAN based isolation logic.
  • gre_tunnel: Flow table updater for OpenStack integration. Despite the name, this isn't GRE specific.
  • tunnel_port_updater: This module updates OVS tunnel ports for OpenStack integration.
  • rest: This module provides a basic set of REST APIs.
  • rest_quantum: This module provides a set of REST APIs dedicated to the OpenStack Ryu plug-in.
  • rest_tunnel: Provides a set of REST APIs for tunnel key management. Used by the OpenStack Ryu plug-in.
  • quantum_adapter.py: Listens for OpenFlow port status change notifications from switches, consults ovsdb to retrieve the corresponding port UUID, and notifies the relevant parties, including quantum (via the Ryu plug-in) and Ryu applications (via Ryu events).
  • rest_conf_switch.py: This module provides a set of REST APIs for switch configuration.
  • rest_qos.py: Enables queue settings to be applied to interfaces individually.
  • topology: Switch and link discovery module.
Cisco (Scripts available on github)

  • NexusDash: A Django based monitoring web dashboard for Nexus machines. Simply drop-in the app and go!
  • interface_rate_n7k: This script prints interface throughput/packet rate statistics in an easy-to-read list format.
  • link_monitor_nexus7000.py: The goal of this script is to monitor the status of one set of interfaces and act upon another set of interfaces.
  • cdp_description.py: This script adds descriptions to interfaces based on "cdp neighbors" information.
  • crc_checker_n7k.py: This Python script checks for CRC errors on all interfaces.
  • link-state-monitor: This script
    • shuts down all the interfaces mentioned in the -a option when all the interfaces mentioned in the -m option are down;
    • brings up all the interfaces mentioned in the -a option when at least one of the interfaces mentioned in the -m option is back up.
  • ABM-Beam: It sends out Active Buffer Monitoring histogram for all the ports and the buffer-blocks over UDP.
  • PyMonitor: Buffer monitoring
  • hadoop-integration: Integration with hadoop
  • vlan-add: This script will prompt the user to enter a VLAN ID to be created on multiple switches.

Nicira/VmWare NVP

  • Security Services (Network Security, Threat Protection, Firewall, Anti-virus, IDS, IPS, Vulnerability Management, Security Operations): Through partnerships with Intel, Palo Alto Networks, Next Gen Security, PAN-NSX, Rapid 7, Symantec, and Trend Micro.
  • Application Delivery Services(Load balancing, application delivery controllers, WAN optimization controllers): Through partnership with F5, Citrix.
  • SDDC Operations and Visibility Services(Network operations, security operations, application and network performance monitoring/management, compliance management, infrastructure analytics, cloud management): Through partnership with  EMC Smarts, Riverbed Cascade, Gigamon, Tufin.

NetSocket vFlow

  • vApps: Many third-party products/applications are listed under vApps.
Italtel SBC
  • It is designed to support different virtualization technologies, including VMware, Linux KVM and MS System Center, and can be managed by different/multiple Cloud Orchestrators.