Back about two years ago I took an NSX Bootcamp. After the bootcamp, I wanted to create a cheat sheet for myself since I don’t have a networking background and it was the first time working with NSX. That way I had something to look at later to refer to as a reminder. So I created these two pages where the one is a “simple” logical view and the other is a more detailed logical view. Although I created this two years ago, it covers the core components and concepts of NSX, so it is still accurate and relevant to the latest versions of NSX.
The detailed page (shown in the picture above) shows all the components of NSX, each component’s function, the intercommunication between them, what plane (Management, Control, or Data) they are in, etc.
I think most individuals will find it useful, especially those that are new to NSX. If you have any questions on the PDF that my overview video doesn’t answer, feel free to email me from this site.
Attending VMworld And Interested In vSphere 6.5 Security?
Try My “vSphere 6.5 Security – Getting Started” Lab!
If you are attending VMworld US 2017 from August 27-31st in Las Vegas, NV and you are interested in the new vSphere 6.5 Security feature sets, then I have a lab for you! I am a lab captain for the Hands On Labs and have two labs that I created for this year’s VMworld sessions.
These new labs, as well as the many others, will only be available at the VMworld US and Europe conferences initially. After both conferences are over, we slowly release most of the new labs to the public-facing Hands On Labs environment that anyone can get to with an internet connection. You will see some labs start showing up on the public side right after VMworld, and then the rest typically will be released within a month or so. No guarantee on what labs will make it to the public site and when they will show up though, that is just what I’ve typically seen over the past few years.
This is my first time as a lab captain and creating labs, so I would love to see some HUGE numbers of people taking my labs! It would make me feel good knowing that people learned something by taking my labs. If you end up taking either lab at VMworld or even after they have been released to the public-facing HOL site, let me know what you think! You can reach out to me on my social media outlets, the links to them are on the right side of the page.
Below are the labs that I have built and a summary of each of them:
(HOL-1811-01-SDC) vSphere 6.5 – What’s New:
Description: Explore some of the new features of vSphere 6.5 including VM Encryption, vCenter High Availability, and the new HTML5 vSphere Client. You will also learn about the improved vCenter Server Appliance and how to migrate from a Windows-based vCenter Server installation.
Description: Experience new security features of vSphere 6.5, including VM Encryption, Audit Quality Logging, Encrypted vMotion, Key. We also use our vRealize Log Insight solution to look at the enhanced logging of the vCenter server logs. Add Key Management Servers (KMS) to the vCenter server and create a trust between them. Then we use PowerCLI commands to encrypt/decrypt virtual machines as well as other encryption related tasks.
Don’t forget to stop into the Hands On Labs at VMworld and take some labs…see you there!
For all those VMware techies out there that work with VMware solutions on a daily basis, it’s hard to remember everything we need to know related to the many solutions we manage. So VMware has created several VMware Reference Posters to help us out when we need a little reminder as far as a command-line argument, configuration option, etc.
At the VMware provided website, they have provided us with (3) reference posters for working with PowerCLI 6.5 R1, vCenter Server Appliance (VCSA), and Platform Services Controllers (PSC) Topology Decision Tree. Click on the below link to go to the VMware Reference Poster site and download your copy of these great tools!
Although not listed on the above site, there is also an NSX Reference Poster available! So for those that are managing VMware NSX, I highly recommend you download this poster and keep it handy. I am sure you will need to use it at some point in time while managing NSX.
The dimensions for the NSX posters are designed to be printed in a high-resolution A3 size (no lower than 300 dpi).
On June 1st, 2017, VMware released a new version of their vRealize Network Insight (vRNI) solution, version 3.4! VMware vRealize Network Insight delivers intelligent operations for software-defined networking and security. It helps to optimize network performance and availability with visibility and analytics across virtual and physical networks. It provides planning and recommendations for implementing micro-segmentation security, plus operational views to quickly and confidently manage and scale VMware NSX deployment.
What’s New in vRealize Network Insight 3.4?
The new and enhanced features in this release are as follows:
AWS Public Cloud Support – vRealize Network Insight now provides visibility into native AWS constructs such as VPC, VM, Security Group, and Firewall rules. Traffic flows are also analyzed to provide security and micro-segmentation view of cloud workloads (Enterprise edition only).
Configurable Data Retention – vRealize Network Insight provides ability to modify the data retention periods for problem events, configuration changes, and metrics (Enterprise edition only).
Support for Physical Devices in Application Modeling – vRealize Network Insight now allows the inclusion of physical servers in application tier definition and micro-segmentation planning.
New NSX Operation Events – Additional NSX operations alerts have been introduced in this release.
Customization of Alerts – The customization is done through global macro settings as well as at individual alerts level.
Support of vCenter Tags and Annotations – It is an additional way to group virtual machines into security and application groups.
Visibility of Physical Layer-2 Network – From this release onwards, the layer-2 networks are visible in the VM-to-VM path dashboard.
Addition of Syslog Messages – vRealize Network Insight supports syslog messages for sending the events generated by the system to external log management products (including Log Insight).
For more information on vRealize Network Insight 3.4, see the below links…
Missed The Latest VMware Announcements In The Past Month?
Check Out This Summary!
Have you been busy lately and haven’t kept up to date with the latest VMware announcements over the last month or two? If so, you have missed quite a bit! So I thought I would make it easy on you and pull together all the recent announcements related to product updates, acquisitions, promotions, partnerships, VMworld, WannaCry Ransomware, etc. This summary has a lot of great information that you want to be aware of. I highly recommend that you read through the full list of announcements to be sure you are aware of them.
One link I would like to draw your attention to specifically is under “Security” which takes you to a VMware blog about the “WannaCry Ransomware” attack that swept the world on May 12th, 2017 in over 150+ countries worldwide. The article discusses how VMware’s NSX solution and its “Zero Trust” model could have helped those that were attacked mitigate this attack. This just proves how important it is that businesses consider using VMware’s NSX solution to help protect their environments from attacks in ways that other solutions can’t.
New Promotion – User Environment Manager (UEM) 9.2
Updated Promotion – vRealize 25% Upgrade Promotions Extended to July 29, 2017
The WannaCry Ransomware attack, which attacks Microsoft operating systems, swept the world on May 12th in over 150+ countries. Below is VMware’s response on how the NSX Zero-Trust model could have helped mitigate this attack using NSX. This is a great opportunity for you to drive home how critical it is to use NSX and where other solutions couldn’t provide the same protection that we can from these types of attacks.
When one of my colleagues pointed out this promotion to me, I was blown away. Read the original post at The NSX Mindset. I wanted to make sure there wasn’t a hidden cost. The details do matter, so here they are. VMware is running this promotion in conjunction with the VMUG Advantage program. The individual needs to:
Join VMUG (that initial step as a “Member” is free)
As we move more of our work and personal lives digital and carry all of it in our pockets, securing our smartphones often feels daunting and confusing. If you follow a few simple steps, you can protect yourself from the vast majority of threats that exist—both physical and digital.
Learn how out-of-the-box integration of VMware TrustPoint and AirWatch further enhances securing and managing mobile, desktop and server environments, and dynamically drives policy configuration changes across the organization for even stronger compliance and faster threat containment.
Traditional approaches to securing a data center are focused on building a strong perimeter to keep threats outside the network. However, little is done to protect the network once a threat is inside the network. East-West (server-to-server) traffic accounts for more than 80% of overall data center traffic, but it’s largely unprotected, leaving you at risk. Virtual Network Assessment shows what percent of your data center traffic is “East-West” and not protected by your perimeter firewall.
How do I get started with micro-segmentation?
It can be a labor-intensive process to figure out what security policies to put in place, requiring time-consuming tasks such as identifying which servers are talking to each other and what ports are open. Virtual Network Assessment gives you a preview of how to micro-segment your network and recommends firewall rules to help you get started.
In this session, I provide a demo of vRealize Network Insight (vRNI) 3.2. I run through the entire interface and provide an overview of its capabilities and features. Some of the capabilities I show are related to Planning Security, Path Flows, Global Searching, Visual Topology, and much more!
vRealize Network Insight delivers intelligent operations for software-defined networking and security. It helps optimize network performance and availability with visibility and analytics across virtual and physical networks. It provides planning and recommendations for implementing micro-segmentation security, plus operational views to quickly and confidently manage and scale VMware NSX deployment.
Technical Sales 201 – What’s New in vRealize Network Insight (vRNI) 3.3 – Video!
In this session, I provide a Technical Sales 201 overview of the newly released vRealize Network Insight 3.3. In the overview I talk about the numerous technical enhancements that were made in version 3.3. Below is a summary of the overall enhancements made…
NSX Events & Support enhancements.
Enhanced Event Management.
General User Interface changes.
Network Address Translation (NAT) Improvements.
NSX Firewall enhancements.
And Palo Alto Support.
VMware vRealize Network Insight delivers intelligent operations for software-defined networking and security. It helps optimize network performance and availability with visibility and analytics across virtual and physical networks. It provides planning and recommendations for implementing micro-segmentation security, plus operational views to quickly and confidently manage and scale VMware NSX deployment.
Last October, when VMware unveiled a strategic partnership with Amazon Web Services (AWS), many in the tech industry were surprised. The two companies, once spirited competitors, announced they were collaborating on a new hybrid cloud solution called VMware Cloud on AWS.
The vSphere Distributed Switch (VDS) is a powerful, but often misunderstood technology that is included with VMware vSAN. This post will review some of my favorite settings on the VDS, and how you can use them to get better control, performance, and visibility into your virtual SAN cluster. While it is most known for the ability to create port groups that exist on all hosts with a simple click, it also has a lot of lesser known but incredibly powerful functions that will aid the vSAN administrator.
You may have seen the recent release announcement for VMware NSX for vSphere 6.3 and NSX-T 1.1. This technical white paper is focused on the VMware NSX-T architecture, components, and capabilities. We also explain the technical advantages and benefits of the NSX-T architecture.
Finally! It’s time to talk about NSX 6.3. As you can tell from the minor version jump, this version has a number of new capabilities and enhancements, and most of them were highly awaited too. If you were waiting for it too, there is a good chance that it contains what you wanted.
This past week at VMware has been quite exciting! Pat Gelsinger, VMware CEO, reported on the Q4 2016 earnings call that VMware NSX has more than 2,400 customers exiting 2016. Today, we continue that momentum by announcing new releases of our two different VMware NSX platforms – VMware NSX™ for vSphere® 6.3 and VMware NSX-T 1.1.
On February 15th, we will be hosting another “Getting More out of VMware” webinar. Continuing on our theme of intelligent operations, we will show you how to install, configure and utilize the vRealize Network Insight product. Register below, or read on for more details!
I have had nothing but fun working with NSX over the past few years. I love everything about it, from design and deployment to managing it. Such a fantastic solution that brings a LOT to the table, from deploying logical networks in just a few clicks to enhanced security thanks to microsegmentation. This post is for you folks out there seeking a more in-depth look at what is going on behind the scenes between virtual machines when they communicate with one another with NSX.
With Early Release ebooks, you get books in their earliest form—the author’s raw and unedited content as he or she writes—so you can take advantage of these technologies long before the official release of these titles. You’ll also receive updates when significant changes are made, new chapters are available, and the final ebook bundle is released.
Network File System, generally known as NFS, is file-level storage which is allocated by shared storage. It is network-attached storage that can be shared across a cluster in vSphere. It allows a user on a client computer to access files over the network in much the same way as local storage.
In this video I will go over the basic concept of micro segmentation within the datacenter. Micro segmentation is a key feature of NSX and a common use case for customers, as it allows distinct isolation between servers and their east / west traffic. This is not easily accomplished with traditional hardware firewalls; using NSX, creating segmentation rules is simplified and manageable.
I had the pleasure of joining my first ever internal security conference called MooseCon (Making Our Organization Security Experts Conference). There were a variety of topics discussed, but one particular talk by Noah Wasmer, Senior Vice President of Mobile Products, stayed with me the most. Noah discussed recent cyber attacks in the news, and he asked, “If you were on the front page of the Wall Street Journal because of a security breach, what would that do to your business?”
Earlier last week I had deployed the latest version of vRealize Network Insight (vRNI) 3.2 in my home lab to learn more about the product and its capabilities. The vRNI setup involves deploying two Virtual Machines, the first being the main vRNI Platform OVA. Once the vRNI Platform VM has been deployed, you will need to activate it with […]
Optimize network performance and availability with visibility and analytics across virtual and physical networks. Provide planning and recommendations for implementing micro-segmentation security, plus operational views to quickly and confidently manage and scale VMware NSX deployment.
When it comes to managing, troubleshooting, and securing the network, many network administrators face a puzzling, and frustrating, visibility gap across the virtual and physical network. How can you ensure health and availability while also enhancing security and compliance? Improve troubleshooting and automate operations? And do all that while