VMware NSX

What is VMware NSX?

  • VMware NSX is software-defined networking & security virtualization platform. It reproduces the entire network model in software.
  • NSX provides a network hypervisor that manages network layers 2 through 7 (L2 to L7) services.
  • Virtual networks are programmatically provisioned and managed independent of networking hardware.
  • VMware NSX is the leading network virtualization platform that delivers the operational model of a virtual machine for the network.
  •  Similar to virtual machines for compute, virtual networks are programmatically provisioned and managed independent of underlying hardware.
  • It enables a library of logical networking elements and services, such as logical switches, routers, firewalls, load balancers, VPN, and workload security.

Key Features of NSX

  • Logical Switching – Reproduce the complete L2 and L3 switching functionality in a virtual environment, decoupled from underlying hardware.
  • NSX Gateway – L2 gateway for seamless connection to physical workloads and legacy VLANs.
  • Logical Routing – Routing between logical switches providing dynamic routing within different virtual networks.
  • Logical Firewall – Distributed firewall, kernel enabled line rate performance, virtualization and identity aware, with activity monitoring.
  • Logical Load Balancer – Full featured load balancer with SSL termination.
  • Logical VPN – Site-to-Site & Remote Access VPN in software.
  • NSX API – RESTful API for integration into any cloud management platform.11

Key benefits of VMware NSX:

  • Network provisioning time reduced from days to seconds.
  • Made easy to place and move workloads independent of physical topology.
  • Achieve operational efficiency through automation.
  • Deploy on any hypervisor and can be integrated with any cloud management platform.
  • Integrate third-party network and security solutions through standard APIs.
  • Non-disruptive deployment over existing physical networks or next generation topologies

Killer Feature in VMware NSX – Micro Segmentation:

  • Micro-segmentation is the feature of NSX which provides granular security policies or basic firewalling rules at the vNIC level.
  • Each VM has its own firewall – A Virtual Firewall.
  • Micro-segmentation is achieved via the Distributed Firewall the component of NSX, which focuses on East-West access and the VMware NSX Edge firewall which focuses on the North-South traffic.
  • Before any packets are forwarded from the virtual machines, the packets are checked by the firewall configured at the vNIC level.