Network Virtualization

By deploying and managing network resources as logical services rather than physical resources, companies can:
  • Enhance enterprise agility
  • Improve network efficiency
  • Reduce capital and operational costs
  • Maintain high standards of security, scalability, manageability, and availability throughout the campus design




LAN virtualization can consolidate multiple physical networks into one virtual network or logically segment a single physical network into multiple logical networks. Partitions can be added to rapidly scale the network for business needs.

S&T Unitis Hungary offers Cisco Catalyst switches, including the Catalyst 6500, 4500, 3750, and 3560 Series to adopt the LAN Virtualization framework to improve efficiencies and save on costs even as technical requirements increase.

In addition, the Cisco Catalyst 6500 Virtual Switching System represents the next level with network system virtualization.

Cisco's LAN virtualization solutions address three important aspects of network virtualization:
  • Access control to recognize and classify legitimate users and devices, and authorize them to enter assigned portions of the network
  • Path isolation to map validated users or devices to the correct secure set of available resources (virtual private network, or VPN)
  • Services edge to provide access to services for a legitimate set or sets of users and devices by using centralized policy enforcement.


Access control provides secure, customized access for individuals and groups to protect the Enterprise LAN from external threats.
  • Port authentication using standards such as IEEE 802.1x for strong connections between authorized users and VPNs
  • Cisco Network Admission Control (NAC) to minimize security risks by removing viruses, worms, and other harmful traffic before they reach the distribution or core layers




Path isolation solutions use a mix of Layer 2 and Layer 3 technologies to best address LAN virtualization for typical LAN designs. Cisco offers three different path isolation solutions:
  • Generic routing encapsulation (GRE) tunnels create closed user groups on the Enterprise LAN to allow guest access to the Internet, while preventing access to internal resources
  • Virtual routing and forwarding (VRF)-lite, also called Multi-VRF Customer Edge, is a lightweight version of MPLS. VRF-lite allows network managers to use a single routing device to support multiple virtual routers. They can then use any IP address space for any given VPN, regardless of whether it overlaps or conflicts with other VPNs' address spaces
  • Multiprotocol label switching (MPLS) VPNs also partition a campus network for closed user groups. Previously, MPLS was not widely deployed in enterprise networks because of the lack of support on LAN switches. With the introduction of the Cisco Catalyst 6500 Series, MPLS technology is now affordable for enterprises

Services Edge uses centralized policy enforcement to:
  • Minimize capital and operational expenses
  • Share service modules across all partitions of the network
  • Rapidly deploy policies and services across the whole network