What is VMware NSX?
- VMware NSX is software-defined networking & security virtualization platform. It reproduces the entire network model in software.
- NSX provides a network hypervisor that manages network layers 2 through 7 (L2 to L7) services.
- Virtual networks are programmatically provisioned and managed independent of networking hardware.
- VMware NSX is the leading network virtualization platform that delivers the operational model of a virtual machine for the network.
- Similar to virtual machines for compute, virtual networks are programmatically provisioned and managed independent of underlying hardware.
- It enables a library of logical networking elements and services, such as logical switches, routers, firewalls, load balancers, VPN, and workload security.
Why Network Virtualization?
- The network operational model has been the same for the last 25 years.
- Mobility is limited & it is totally hardware dependent.
What is network virtualization?
- A virtual network is an instantiation of all network services such as layer 2 switching, L3 routing, load balancing and firewall services within a logical space providing the ability to create and deploy virtualized application workloads.
- A virtual network must be able to abstract the underlying networking hardware and be capable of running on any network hardware as long as we have IP connectivity.
- This effectively is equivalent to a hypervisor layer for the DC network.
Key Features of NSX
- Logical Switching – Reproduce the complete L2 and L3 switching functionality in a virtual environment, decoupled from underlying hardware.
- NSX Gateway – L2 gateway for seamless connection to physical workloads and legacy VLANs.
- Logical Routing – Routing between logical switches providing dynamic routing within different virtual networks.
- Logical Firewall – Distributed firewall, kernel enabled line rate performance, virtualization and identity aware, with activity monitoring.
- Logical Load Balancer – Full featured load balancer with SSL termination.
- Logical VPN – Site-to-Site & Remote Access VPN in software.
- NSX API – RESTful API for integration into any cloud management platform.
Key benefits of VMware NSX:
- Network provisioning time reduced from days to seconds.
- Made easy to place and move workloads independent of physical topology.
- Achieve operational efficiency through automation.
- Deploy on any hypervisor and can be integrated with any cloud management platform.
- Integrate third-party network and security solutions through standard APIs.
- Non-disruptive deployment over existing physical networks or next generation topologies
Killer Feature in VMware NSX: Micro Segmentation:
- Micro-segmentation is the feature of NSX which provides granular security policies or basic firewalling rules at the vNIC level.
- Each VM has its own firewall – A Virtual Firewall.
- Micro-segmentation is achieved via the Distributed Firewall the component of NSX, which focuses on East-West access and the VMware NSX Edge firewall which focuses on the North-South traffic.
- Before any packets are forwarded from the virtual machines, the packets are checked by the firewall configured at the vNIC level.