2019/03/09 Networking Solutions 1011 visit(s)
VMware NSX® Data Center delivers virtualized networking and security entirely in software, completing a key pillar of the Software-defined Data Center (SDDC), and enabling the virtual cloud network to connect and protect across data centers, clouds, and applications.
• Switching: NSX logical switches use unique Virtual Extensible LAN (VXLAN) network identifiers to create a logical overlay extension for the L2 network, to which applications and tenant virtual machines (VMs) can then be logically wired. These logical broadcast domains enable greater flexibility and faster deployment, all while providing the characteristics of a virtual LAN (VLAN) without the risk of sprawl.
• Routing: NSX performs routing with both logical distributed routers, which create routes between virtual networks at the hypervisor kernel and physical routers for scale-out routing with active-active failover.
• Distributed firewalling: The NSX distributed firewall is a hypervisor kernel-embedded firewall that spreads out over the ESXi host. A network administrator can create custom firewall policies, which are enforced at the virtual network interface card (vNIC) level, to enforce stateful firewall services for VMs and increase visibility and control for virtualized networks and workloads.
• Load balancing: NSX offers a L4-L7 load balancer that intercepts, translates and manipulates network traffic to improve enterprise application availability and scalability. The NSX load balancer includes support for Secure Sockets Layer (SSL) offload for pass-through and server health checks. The L4 load balancer offers packet-based load balancing, which sends the packet to a specific server after it's manipulated; the L7 load balancer offers socket-based load balancing, which establishes client- and server-facing connections for a single request.
• Virtual private network (VPN): NSX includes site-to-site and remote access VPN capabilities and unmanaged VPN for cloud gateway services.
• NSX Edge gateway: The NSX Edge gateway is a VM that behaves like an appliance to perform L3 routing, firewalling, site-to-site virtual private networking, load balancing and more. This feature also offers support for VXLAN to VLAN bridging for seamless connection to physical workloads.
• Application programming interface (API): NSX uses a representational state transfer (REST)-based API to simplify third-party product and service integration and to integrate NSX with cloud management for additional automation capabilities.
• Operations: Native operations capabilities include central CLI, Switch Port Analyzer (SPAN), IP Flow Information Export (IPFIX), Application Rule Manager (ARM), Endpoint Monitoring and integration with VMware vRealize Suite for proactive monitoring, analytics and troubleshooting.
• Dynamic security policy: NSX Service Composer enables the network administrator to provision and assign network and security services to applications. The administrator can also use Service Composer to create dynamic security groups with custom filters, such as VMware vCenter objects and tags, OS type and Active Directory (AD) roles.
• Cloud management: NSX natively integrates with vRealize Automation and OpenStackfor cloud management.
• Cross-vCenter Networking and Security (Cross-VC NSX): This capability scales NSX vSphere across vCenter and data center boundaries. This enables the network administrator to address capacity pooling across vCenters, simplify data center migration, perform long-distance vMotions and perform disaster recovery (DR).
• Log management: NSX integrates with vRealize Log Insight, which receives log entries from ESXi hosts, uses content packs to process the information each log entry contains and identifies issues within the NSX deployment.
Reduce your attack surface by bringing micro-segmentation and intrinsic security to applications built on VMs, containers, or bare metal servers, in private and public cloud environments.
Streamline networking and security operations by bringing consistency across, data center, private clouds, and public clouds including AWS and Azure.
Increase speed and agility by automating networking and security services entirely in software, empowering IT and developers to move at the speed of business by treating network infrastructure as code.
Deliver native networking and security for containerized workloads that brings consistent and automated policy across application frameworks, platforms, sites, and clouds.