VMware NSX
Virtual Overlay Networking + Security + Load Balancer
A Virtual Network - Security - Load Balancer
VMware NSX is a complete suite for network virtualization for your VMware environment.
Without any need to change the physical network, VMware NSX builds a complete Virtual Overlay network on top of physical network.
VMware NSX enables Virtual networking between virtual machines running on different hosts, and different IP Layer 3 subnet
VMware NSX has unique capabilities such as :
-
Virtual Networking : Create Layer 2 networks on top of your Layer 3 IP fabric
-
Distributed firewall per host : Assign security policies per VM , which migrates with VM as the migrate to other hosts.
-
Edge Firewall Service: Create Virtual Firewalls, to secure your North-South traffic
-
Load balancer : Create virtual load balancers to distribute loads between virtual servers.
NSX Use Cases
Not Only Virtual Networking
NSX can be used to create a secure infrastructure, which can create a zero-trust security model.
Every virtualized workload can be protected with a full stateful firewall engine at a very granular level.
NSX can be used in conjunction with 3rd party security vendors such as Palo Alto Networks, Checkpoint, Fortinet, or McAffee to provide a complete DMZ like security solution within a cloud infrastructure.
NSX has been deployed widely to secure virtual desktops to secure some of the most vulnerable workloads, which reside in the data center to prohibit desktop-to-desktop hacking.
VMware NSX provides a full RESTful API to consume networking, security and services, which can be used to drive automation within the infrastructure.
IT admins can reduce the tasks and cycles required to provision workloads within the datacenter using NSX.
NSX is integrated out of the box with automation tools such as vRealize automation, which can provide customers with a one-click deployment option for an entire application, which includes the compute, storage, network, security and L4-L7 services.
NSX provides a way to easily extend networking and security up to eight vCenters either within or across data center In conjunction with vSphere 6.0 customers can easily vMotion a virtual machine across long distances and NSX will ensure that the network is consistent across the sites and ensure that the firewall rules are consistent. This essentially maintains the same view across sites.
NSX Cross vCenter Networking can help build active – active data centers. Customers are using NSX today with VMware Site Recovery Manager to provide disaster recovery solutions. NSX can extend the network across data centers and even to the cloud to enable seamless networking and security.
NSX + Cumulus Open Networking
A Great Combination
Data centers often have mixed environments where both physical and virtual workloads need to communicate with each other. Virtual networks have been implemented on hypervisors. The VMware NSX and Cumulus Linux solution is now providing network virtualization edge connectivity to physical workloads at wire rate.
Cumulus Linux supports network virtualization edge functionality by implementing the layer 2 gateway VXLAN overlay scheme and terminating virtual networks in hardware using a VXLAN tunnel end point (VTEP). To enable further management simplification,
Cumulus Linux registers layer 2 gateway services with the VMware NSX Controller. VMware NSX becomes the central control and management point for virtual and physical ports, providing seamless connectivity between virtual and physical worlds.
Conclusion
Connecting physical and virtual worlds with VMware NSX and Cumulus Linux VMware NSX and Cumulus Linux enable a true integration of a virtual network platform and an underlay physical network for a scalable data center orchestration, automation, and multi-tenancy solution over high-capacity IP fabrics. Abstraction from the underlying hardware enables a cost-effective solution. With the integration of VMware NSX layer 2 gateway services on networking hardware running Cumulus Linux, customers can now connect virtual workloads to physical workloads with no performance impact.