VMware announced two different VMware NSX platforms – VMware NSX for vSphere 6.3 and VMware NSX-T 1.1. These releases continue to accelerate digital transformation for organizations through the most critical IT use cases – Security, Automation, and Application Continuity – while expanding support for new application frameworks and architectures. VMware has more than 2,400 customers using VMware NSX solution. As more customers adopt NSX, VMware continue to add features to make it easier to deploy, operate and scale-out NSX environment. NSX is driving value inside the data center today and expanding across data centers and to the cloud via our Cloud Air Network partnerships, and soon to VMware Cloud on AWS and native public cloud workloads via VMware Cross-Cloud Services.
NSX empowers customers on their cloud journey. Let’s take a look at some of the new features in NSX for vSphere 6.3
Some of the new capabilities delivered in NSX for vSphere 6.3 are the Application Rule Manager (available in NSX Advanced and Enterprise editions) and Endpoint Monitoring (available in NSX Enterprise Edition). Application Rule Manager simplifies the way you create security groups and firewall rules for applications based on their real-time network traffic flows. Endpoint Monitoring enables you to profile applications inside the guest including visibility into specific application processes and their associated network connections. Used together, you have end-to-end visibility of your applications and simplified firewall rule creation to help operationalize micro-segmentation even faster and more effectively than ever before. NSX was also the first software-defined networking solution to have the Defense Information Systems Agency (DISA) Risk Management Executive publish a Security Technical Implementation Guide (STIG), signifying that the solution meets the security hardening guidance required for installment on Department of Defense (DoD) networks.
VMware continue to make enhancements to the automation capabilities in NSX for vSphere 6.3. VMware enhanced the integration of NSX Load Balancers within vRealize Automation and added support for third-party IP Address Management (IPAM) systems for on-demand routed networks. They also enhanced the integration with NSX for vSphere and vCloud Director, enabling new multi-tenant capabilities for vCloud Air Network partners, and adding support for emerging NFV use cases.
As NSX continues to mature and adoption becomes mainstream, VMware seeing customers deploy NSX for a range of different use cases. For example, AeroData Customer is leveraging the network overlay capabilities in NSX to create a highly-available, Active-Active data center architecture. In NSX for vSphere 6.3, VMware have further enhanced the security tagging capabilities in multi-vCenter deployments, simplifying security policy management at scale across multiple data centers.
Emerging use-cases: Containers and Remote Office Branch Office (ROBO)
With NSX for vSphere 6.3, VMware helping to further improve the developer experience with containers via integration with the recently announced vSphere Integrated Container (VIC). As VIC is built on vSphere 6.5, you can leverage NSX for vSphere 6.3 to connect and secure VIC infrastructure, enabling you to deliver a secure container environment on demand for developers. Another addition as part of NSX for vSphere 6.3 release is a new NSX for ROBO edition SKU. Using this capability, NSX provides a comprehensive solution to network and security policy for environments across remote and branch offices, which reduces the operational costs of branch connectivity and maintenance.
Expanded support for new platforms with NSX-T: KVM, OpenStack
VMware NSX-T is focused on emerging application frameworks and architectures that have heterogeneous endpoints and technology stacks. In addition to vSphere hypervisors, these environments may also include other hypervisors, containers, bare metal, and public clouds. NSX-T allows IT and development teams to choose the technologies best suited for their particular applications. NSX-T is also designed for management, operations, and consumption by development organizations – in addition to IT.
NSX-T 1.1 offers expanded support for multiple KVM distributions, including Canonical Ubuntu and Red Hat Enterprise Linux. NSX-T starts at the source of the application, within the hypervisor kernel, delivering optimal security granularity and line-rate performance. NSX-T delivers distributed firewalling, logical switching, and distributed routing.
NSX-T 1.1 also delivers support for private IaaS clouds based on OpenStack. With this release, NSX-T supports the latest versions of OpenStack, i.e., Newton and Mitaka. In addition to using the OpenStack APIs, development teams can also use Puppet, Chef, and Terraform to describe and automate the networking and security for their application workloads within an OpenStack environment.
Support for new app frameworks: Photon and Container Networking Interface (CNI)
NSX-T is integrated with the VMware Photon Platform. This capability allows IT to offer virtual networking and security as services to developers building and running containerized, cloud-native applications. NSX will auto-create and scale networks and routers when a new namespace/project/organization is created, and define and enforce micro-segmentation security policies for containers and pods. (Read more about Photon Platform and NSX-T.) Currently in beta, the NSX-T Container Networking Interface (CNI) plugin will allow developers to configure network connectivity for their application containers helping deliver developer ready infrastructure.
Pricing and Packaging
From now customers who purchase VMware NSX have the option of downloading and installing either platform and can switch between the two if needed without having to re-purchase NSX. And should your needs change, you can switch between the two. With NSX for vSphere 6.3, they have introduced a new NSX for ROBO (Remote Office Branch Office) packaging option.