VMWorld 2019 brings the newer version of NSX-T 2.5 with more cloud & security features. NSX-T has seen great success in the market for multi-platform network and security use-cases, including automation, multi-cloud adoption, and containers as customers move through the digital transformation initiative. NSX-T is the industry’s only network and security platform delivering a wide range of L2-L7 services, built from the ground up for workloads running on all types of infrastructure – virtual machines, containers, physical servers, and both private and public clouds. New release of NSX-T further strengthens our intrinsic security capabilities architected directly into networks and public and private cloud workloads that applications and data live on, reducing the attack surface.
NSX-T delivers advancements in networking, security, automation, and operational simplicity for everyone involved – from IT admins to DevOps-style teams to developers. Today, NSX-T has emerged as the clear choice for customers embracing cloud-native application development, expanding the use of public cloud, and mandating automation to drive agility.
Key Focus Areas in NSX-T 2.5
Analytics and Visibility:
NSX Intelligence is a distributed analytics engine that provides continuous data-center wide visibility for network and application security teams helping deliver a more granular and dynamic security posture, simplify compliance analysis, and streamline security operations. Traditional approaches involve sending extensive packet data and telemetry to multiple disparate centralized engines for analysis, which increase cost, operational complexity, and limit the depth of analytics. In contrast, NSX Intelligence built natively within the NSX platform, distributes the analytics within the hypervisor on each host, sending back relevant meta-data to a scale-out, lightweight appliance for visualization, reporting and building machine-learning models. Combining the deep workload and network context unique to NSX, the engine provides detailed application topology visualization, automated security policy recommendations, continuous monitoring of every flow, and an audit trail of security policies, all built into the NSX management console for a single-pane-of-glass experience.
Hybrid Cloud Networking and Security with NSX Cloud:
NSX Cloud offers customers a new model for multi-cloud network management that provides consistent networking and security for applications running natively in the public cloud, and across multiple public clouds. When paired with NSX Data Center, NSX Cloud provides operators a single view of networking services and security policies that are applied to all workloads, whether on VMs running in a private data center or workloads hosted in AWS or Azure. With NSX-T 2.5, we are building upon the success of NSX Cloud and introducing a new deployment and operational mode referred to as the Native Cloud Enforced mode. This mode provides a consistent policy model across the hybrid cloud network and reduces overhead by eliminating the need to install NSX tools in workload VMs in the public cloud. The NSX security policies are translated into the cloud provider’s native security constructs via APIs, enabling common and centralized policy enforcement across clouds.
Security Enhancements and Compliance
NSX-T achieves FIPS 140-2 compliance
Bolstering the intrinsic security arsenal with Layer 7, VPN
Extending Layer 7 support to NSX Edge Firewall and KVM environments
VPN Enhancements for Multi-tenancy
Packet Mirroring for East-West Traffic Monitoring (via Service Insertion)
Additionally, they have added several security enhancements such as multiple App-ID profiles per rule, FQDN/URL on KVM, and context/metadata subscription for north-south Service Insertion.
Simplified Operational Experience
NSX-T 2.5 improved the user experience at every level – UI, dashboards, APIs, systems – and for all users – network and security admins, sysadmins, DevOps, developers. This release brings several enhancements that make it easier to operate seamlessly from a Day 2 perspective. This release expands the breadth and depth of several use-cases in security, automation, multi-cloud networking, and cloud-native applications. The Virtual Cloud Network is the ultimate destination for customers, supported by NSX-T to enable consistent networking and intrinsic security for workloads of any type (VMs, containers, bare metal) and located anywhere (data center, cloud, edge). Watch this space for a series of deep-dive blogs on some of the key capabilities supported in this release of NSX-T 2.5.
“Be social and share this on social media, if you feel this is worth sharing it”