Archive

Category Archives for "VMware Network Virtualization Blog"

Transforming Security in a Cloud and Mobile World – Security Showcase Session

Over the last several years, VMware has been heavily investing in technology and solutions to transform security.  Our goal has been simple; leverage the virtual and mobile infrastructure to build security in – making it intrinsic, simple, aligned to applications and data, and infinitely more effective.

5 years ago, with NSX, we introduced the concept of micro-segmentation, enabling organizations to leverage network virtualization to compartmentalize their critical applications at a network level.

Last VMworld, we introduced VMware AppDefense, to protect the applications running on that virtual infrastructure.  This enabled organizations to leverage server virtualization to ensure the only thing running is what the application intended – flipping the security model to “ensuring good” versus “chasing bad”

Meanwhile, our Workspace ONE team has been steadily building out their platform that leverages user infrastructure, to ensure only legitimate users can get access to critical applications from devices we can trust.

The momentum for NSX, AppDefense, and Workspace ONE has been growing exponentially. And our product teams have not been standing still.  They’ve been hard at work on some incredible innovations and integrations.

 

Transforming Security in a Cloud and Mobile World

In my security showcase session, Transforming Security in Continue reading

From Zero to NSX Hero

The path toward virtualization and digital transformation can be arduous – but it doesn’t have to be. If you’re working to get a deep download on connectivity and security for apps and your data center for data, the cloud and the edge, look no further. Presenting our guide to becoming an NSXpert, below.

Getting Started

VMware NSX Data Center and VMware NSX Cloud Product and Solutions Overview

They say “you have to start somewhere,” and, well, this is it: the beginning. Before you do anything else, get yourself familiar with the NSX Data Center and NSX Cloud offerings.

 

Beginner and Intermediate Resources

Once you’ve gotten the hang of what NSX can offer, it’s time to dive into a class or two to get up to speed on all things virtualization. In an effort to “teach you how to fish,” we’ve curated our favorite links to VMware’s official educational materials – plus a few more.

 

VMware NSX YouTube Page

Check out the Training and Demos Playlist for technical deep-dives and product demonstrations.

 

Network Virtualization for Dummies

This comprehensive guide covers why now is the Continue reading

Top 10 Networking and Security Sessions at VMworld US 2018

Although it was before my time at VMware running the Networking and Security Business Unit, at VMworld 2017 we demonstrated our expanded NSX network virtualization capabilities in the data center, and the start of our journey to bring NSX to the cloud.

A lot has changed in a year.

Earlier in 2018, we announced the expansion of the NSX family of products to include NSX Data Center (formerly NSX), NSX Cloud, AppDefense, NSX SD-WAN by VeloCloud, and NSX Hybrid Connect.

With the new portfolio, we’ve delivered on the Virtual Cloud Network vision of connecting and protecting applications and data, regardless of where they sit – from the data center to the cloud, and the edge.

VMworld 2018

To help you learn about this vision and the advancements we’ve made in the products that underpin it, we have a huge VMworld 2018 in store for you. With over 70 dedicated networking and security sessions, we’ll cover everything from the basics to super-technical deep dives.

Below is my curated list of can’t-miss networking and security sessions. Make sure you jump onto the content catalog on VMworld.com to reserve your spot before they fill up.

I’m looking forward to joining all of you Continue reading

Where in the World is NSX?

VMware NSX is going worldwide! We’ll be out and about through the end of the year, spreading networking and security love across America, Asia Pacific, and Europe. Our goal is to help agile organizations move toward a Virtual Cloud Network with consistent connectivity, branch optimization, and security across all infrastructure.

 

Whether we’ll be at a booth, product demo, talk, or otherwise – we want to connect! Join us at any of the major conferences and NSX upcoming events listed below to chat with our product experts. And, if you think you’ll be in attendance, be sure to tweet at us to let us know!

 

NSX Upcoming Events

 

NSX Upcoming Events

RSA Conference APJ – 7/25
When: July 25- 27, 2018
Where: Singapore
Click here to learn more

Black Hat US – 8/4
When: August 4- 9, 2018
Where: Las Vegas, NV
Click here to learn more

Gartner SRM Summit APJ – 8/20
When: August 20 –21, 2018
Where: Sydney, Australia
Click here to learn more.

NSX Mindset @ VMworld – 8/27
When: August 27, 2018
Where: Las Vegas, NV
More details forthcoming

Microsoft Ignite – 9/24
When: September 24- 28, 2018
Where Continue reading

Clark County Embraces Intrinsic Security with VMware NSX Data Center

Allen Tyson is a Senior Network Analyst at Clark County, located in the State of Nevada. Clark County encompasses the City of Las Vegas, and sees 47 million visitors each year. With roughly 10,000 employees and 38 departments, Allen has a large network to maintain.

Alex Berger, Networking and Security Product Marketing Manager, spoke with Allen about software-defined networking (SDN), and what led Clark County to choosing VMware NSX Data Center.

 

The Power of Social Media Communities

When a forward-thinking Deputy Chief Information Officer began talking about SDN, Allen did his due diligence to decide on the best option for Clark County. He took to social media to determine whether that choice would be NSX Data Center or Cisco ACI.

“First thing I did was I got on Twitter,” Allen explains. “It seemed like NSX was capable of doing a little bit more [than Cisco ACI] and it also seemed like the communities behind NSX and the people who were using NSX and the ability that I had to get a response from people was greater on the NSX side. And so, I started looking more into NSX.”

Allen was looking for stories from other customers with similar Continue reading

Networking’s Future, Not Networking’s Past 

VMware Continues as a Visionary in 2018 Gartner Data Center Networking Magic Quadrant  

We are excited to announce that for the fifth year in a row, VMware has achieved the position of visionary in the Gartner Magic Quadrant for Data Center Networking, which is defined as…understanding where the data center market is going and having a vision for changing market rules.

Five Years! That’s a long time in technology! During that time, we’ve all seen the rise of public cloud providers and massive shifts in cloud constructs and cloud management platforms.  Application development trends have gone from monolith to virtual machines to containers and micro-services to serverless functions and events.  Application components are getting smaller, datacenter edges are disappearing, management platforms are becoming more flexible and the basic requirements of networking and security have remained the same…connect and protect applications and data.  Only applications and data are now constantly changing with agile development practices and multi-cloud strategies…and the VMware networking portfolio is evolving to make sure they stay connected and protected!

For evidence, look at our recently announced vision for the Virtual Cloud Network.

The foundation of that vision for a networking industry transition to software was started by VMware with virtual switching, expanded into the data center with the groundbreaking VMware NSX network virtualization platform, and is now powering software-based networks from data center to cloud to branch to edge for our enterprise and service provider customers.  We’ve led this transition by defining network virtualization; by creating an entire industry movement around micro-segmentation; and by continually evolving NSX capabilities to provide advanced Continue reading

The VMware NSX® Roadshow is Coming to a City Near You

VMware NSX enterprise-grade solutions support your path toward network virtualization, micro-segmentation, application availability, IT automation, and cross-cloud architecture. And while we mostly live in the cloud, we’re coming back to Earth and taking our proverbial show on the road with the VMware NSX® Roadshow. It all goes down this summer, in a city near you!

 

VMware NSX® Roadshow workshops are designed specifically for networking and security professionals and delivered in a casual, interactive setting. Each participant gets the chance to engage one-on-one with VMware NSX product experts to ask questions, get hands-on help, and network with other people interested in, well, networks!

 

When you sign up, you’ll learn how agile organizations are using a Virtual Cloud Network as a north star to guide them toward creating a network built on best practice pillars like consistent connectivity, branch optimization, and security across all infrastructure.

 

Upcoming Events

Join us to talk shop, meet and greet, get deep drives on hot topics, product demos, and guided one-on-ones with product experts in one of the following cities:

 

Detroit – 7/17

When: July 17, 2018, from 1:00 P.M. to 4:30 P.M.

Where: Westin Southfield Detroit

1500 Town Center

Southfield, Continue reading

NSX Cloud Blog Series Part 2: A Consistent Security Posture Across Your Hybrid Cloud

We now dig deeper into the cloud security use-case.  As more and more companies embrace cloud, the cloud IT teams are tasked with the responsibility of ensuring that these cloud deployments are secure. Cloud inherently brings in new environments, and these cloud security teams are now faced with ensuring Enterprise security policy consistency across these multiple disparate cloud environments.

 

VMware NSX Cloud addresses these challenges, offering a common security and micro-segmentation platform across the on-premises and cloud environment. Together with NSX Data Center, it provides a single pane of glass to provision and manages consistent security controls not only for cross-cloud communication but also within each cloud.

 

Let’s start with VISIBILITY. You can’t protect what you can’t see. As a cloud infrastructure/security team, you may have to manage 1 AWS cloud account (subscription in Azure) and 1 AWS VPC (VNET in Azure) … or you may be managing 500+ accounts/subscriptions, each having multiple VPCs / VNETs. As cloud deployments bring automation and higher levels of agility, the cloud footprint that you would be responsible for can quickly become large and constantly evolve. How do you ensure that this dynamic environment is secure?

 

Focused on this specific Continue reading

The value-add of NSX Data Center Compared To Open Source Solutions For Cloud Native Apps

Authored by:

Roie Ben-haim (Twitter: @roie9876)

Niran Even-chen (Twitter: @niranec)

In our job as System engineers in the networking and security for Cloud native applications (CNA) space we get to work with many customers on their implementation of CNA platforms. The fun part of that is that we get to hear the “DevOps” drivers and needs of many enterprise customers. Developers using CNA platforms such as Kubernetes (k8s) and Pivotal Application Service (Formerly known as PCF) don’t always have security and networking first in mind; they are focused on speed and innovation. A developer doesn’t want to wait for the networking team to provision service (e.g. load balancing, switching, etc.), or for the security team to whitelist a new app capability. This is especially true in enterprises where “Change management” is manual and long process. On the other hand, when it comes to those same enterprises, there are regulations and security requirements that can slow down the innovation process. To strike a balance, networking and security platforms for CNA need to operate in as seamless a manner as possible to maximize speed and efficiency for both IT and developers. NSX Data Center is a platform built just for Continue reading

NSX Cloud Blog Series: Part 1

On the heels of announcing general availability of NSX Cloud on June 5th, we’re pleased to announce that NSX Cloud was selected as Best of Show runners-up in the cloud computing category at Interop Tokyo. The full list of all winners is available here. For those unfamiliar, Interop Tokyo is a major event of over 140,000 attendees, and this award requires an hour presentation including a demo and Q&A to the Interop Committee, so this award came with some scrutiny and we’re proud to have received it.

 

Let’s deep dive a little into what NSX Cloud is all about. As enterprises make the transition to a hybrid cloud model, new challenges inherent to managing this hybrid cloud model arise, including: how to extend enterprise network policies seamlessly to the cloud, how to have complete operational visibility into traffic flows across your hybrid environment, and how to maintain a consistent security policy across private and public clouds. These are key concerns for Network and Security administrators as well as cloud architects. NSX Cloud is designed to address these requirements.

 

NSX Cloud Model

 

NSX Cloud together with NSX Data Center provides a uniform operational model across Public Cloud and on-premises Continue reading

Myth Busted: Who Says Software Based Networking Performance Does Not Match Physical Networking?

100 Gbps Performance with NSX Data Center

NSX Data Center has shown for some time now (see VMworld 2016 NSX Performane Session (NET 8030) that it can drive upwards of 100G of throughput per node for typical data center workloads. In that VMworld session, we ran a live demo showing the throughput being limited by the actual physical ports on the host, which were 2 x 40 Gbps, and not by NSX Data Center.

Typically, in physical networking, performance is measured in raw packets per seconds to assure variety of traffic at variable packet sizes be forwarded between multiple physical ports. While in virtualized data center this is not a case, as hypervisor hosts only have to satisfy few uplinks, typically no more than four physical links. In addition, most of the virtualized workload use TCP protocol. In that case. ESXi hypervisor fowards the TCP data segments in highly optimized way, thus not always based on number of packets transferred but the amount of data segment forwarded in software. In typical data center workloads, TCP optimizations such as TSO, LRO and RSS or Rx/Tx Filters help drive sufficient throughput at hardly any CPU cost. TSO/LRO help move large amounts of Continue reading

Pivotal Container Service (PKS) Integration With NSX-T Data Center: A lab study with Tips

Contributions from: Alka Gupta, Prasad Kalpurekkal

Pivotal Container Service (PKS) aims to simplify how enterprises deploy, run and manage Kubernetes clusters on any cloud. For detailed documentation of PKS installation and configuration, go here. For details on configuring PKS with NSX-T Data Center, go here.

Every enterprise wants to run containers in production. However, primary questions being asked are: “How do I get Kubernetes to work in my data center? How do I simplify deployment of Kubernets clusters? What about Networking and Security? ”

PKS answers these questions with a feature set tailored to the requirements of the enterprises.  Read about PKS features in detail here.

One of the features PKS offers is tight integration with NSX-T Data Center, enabling advanced networking and security for container based emerging application architectures, just as it does for traditional 3-tier apps. In these environments, NSX-T Data Center provides Layer 3 container networking and advanced networking services such as built-in load balancing, micro-segmentation, multi-tenancy, central visibility with a central SDN controller, network topology choices and more. We demonstrated this at the Network Field Day 17 which you can see here.

In this blog, we call out the work done at VMware Global Solutions Partner lab on configuring Pivotal Continue reading

Announcing General Availability of VMware NSX-T Data Center 2.2.0

VMware is pleased to announce that VMware NSX-T Data Center 2.2.0 has been released on June 5, 2018!

 

With this release we have introduced a number of excellent new features for on-premise deployments as well as the ability to manage Microsoft Azure based workloads as part of the NSX Cloud product. VMware NSX-T Data Center has also been updated to provide networking and security infrastructure for VMware Cloud on AWS.

Here is list of highlighted features that may be of most interested to customers. Note that this is not a complete list of new features. Please see the release notes for this release for all of the details.

Management of Workloads in Microsoft Azure

 

One of the most interesting new features of NSX-T Data Center 2.2 is the enablement of NSX Cloud, managing networking and security for applications running natively in public clouds, now including Microsoft Azure. This feature enables a true hybrid cloud with management of network security in a single view. This feature is detailed well in the following blog by Jonathan Morin so instead of repeating all the details here it is highly recommended you review this page:  https://blogs.vmware.com/networkvirtualization/2018/06/nsx-cloud-a-new-and-improved-model-for-end-to-end-networking-and-security.html/

Enhanced Data Path Mode in N-VDS

 

Continue reading

NSX Cloud: A New and Improved Model for Multi-cloud Networking and Security

Remember the headlines years ago, asking what would win: public cloud or private cloud? Or hybrid cloud? And everyone had different definitions for each? Of course, as it often is with technology trends, our “or” questions have “and” answers. Let’s imagine current day, where you might see one group running an application on-premises with absolutely zero plans for it to go anywhere. In a far-away land, several desks or cubes away, some savvy developers are building a new innovation – it could be a new service type, a new app, a new feature on a website – directly in AWS. A few desks further, and someone indeed may believe that AWS app belongs back on premises. Finally, in the same organization, an IT group is looking at how Microsoft Azure is offering a compelling alternative to hosting an app they’re just not interested in maintaining anymore.

This is just one example of a potential multi-cloud scenario. Each organization’s specific needs are different, yet this array of parallel cloud uses is not a foreign one to many organizations. In fact, in this year’s “State of the Cloud” report, RightScale found that organizations use five clouds on average.

 

 

At Continue reading

Securing with NSX – Beyond the DevSecOps Paradigm

There are two digital explosions simultaneously happening in enterprises across all verticals. Enterprises are moving at a breakneck speed on every aspect of their business. From managing their supply-chain, making purchasing decisions, targeted marketing campaign to users, creating apps to connect with users and making it easier for users to consume their products.

The good news is technology is keeping pace and is a step ahead in helping the business achieve their goals. These business imperatives are forcing software iterations to be faster and be more efficient. This is leading to newer innovative models around people/processes/tools that we collectively call Continuous Integration(CI)/Continuous Development (CD). Teams leading the charge on CI/CD models are working in a “DevOps” model. 

The second explosion is related to the first explosion. As complex software become easy-to-use and be ubiquitous, sophisticated tools can be used to attack enterprises. Managing Security is getting harder. Last decade – there was a belief – I am not going to be attacked. Fast forward today – enterprises expect to be attacked and breached. This is not just a baseless impression. Forrester’s 2018 survey shows that 66% of survey respondents have faced a major security incident. 

 

 ”It’s kind Continue reading

Viewer’s Guide: Virtual Cloud Network Online Event

Start Building the Virtual Cloud Network Today, join the online event June 5 at 11am PDT


You might not know it yet, but your network is holding you back. Unconnected clouds and data silos prevent your enterprise from securing and mining valuable data. VMware creates connections from your data center to the cloud to the edge – providing a secure, consistent foundation that drives business forward, rather than holding it back.

VMware recently announced our vision for the next era of networking – the Virtual Cloud Network. Join us for an exclusive online event to learn about how your organization can start building the network of the future. To prepare for this event, I not only spent time with the customers, technical leads and executives you hear from, but also behind the scenes, I have been part of many more conversations that I was not able to share.  Pulling from those conversations, I’ve created your viewer’s guide for each segment of the event.

 

An overview of the Virtual Cloud Network by Rajiv Ramaswami, Chief Operating Officer, Products and Cloud Services

Rajiv and Pat share their executive views on the Virtual Cloud Network at the beginning of the event. To Continue reading

Simple, Efficient, and Modern: VMware NSX introduces new HTML5 UI

Along with the advancements in context-aware micro-segmentation and network virtualization, we are also continually raising the bar on making VMware NSX simple to deploy, manage, and operationalize at scale – and that, of course, involves a responsive and easy-to-use HTML-based UI to access VMware NSX functionality.

With VMware NSX for vSphere 6.4.1, you can now access all NSX installation and security functionality through a responsive HTML-based vSphere Client, including Distributed Firewall, Service Composer, Application Rule Manager, and more. This modern interface does not have any dependencies on browser plugins (e.g. Adobe Flash), has a more minimalistic look-and-feel, and loads so much faster! Beyond the immediate aesthetic improvements, here’s a quick look at some of the key enhancements to how we’re simplifying the NSX user experience.

 

NSX Firewall – Better Visibility and Efficient Rule Management

 

Given how feature-rich the NSX Firewall page is, our usability designers focused extra attention on streamlining the day-to-day tasks of creating, managing and troubleshooting firewall rules.

For starters, at the top of the Firewall page, we’ve introduced a new Status Bar and elevated table-level actions (like Publish and Save) to their own dedicated Toolbar. Now, at a glance, you can immediately Continue reading

Extending the Power of NSX to Bare-metal Workloads

Authors – Sridhar Subramanian and Geoff Wilmington

 

VMware NSX Data Center was built with the goal of consistent networking and security services independent of changing application frameworks or physical infrastructure. In the last couple of years, NSX Data Center has focused on delivering network and security abstractions for applications on any compute platform. In our journey, we have handled VM’s, containers, cloud, and now we are also looking to help our customers with scenarios where they need a unified experience for bare-metal workloads.  The goal being to maintain a consistent security experience regardless of location or platform the workload is running on.

This experience means being able to take any workload, add it to an NSX Data Center Security Group and through the NSX Data Center Distributed Firewall have a consistent policy applied regardless of location and workload type.  This consistent approach leverages the NSX DFW capabilities with stateful firewalling for the workloads.  This is accomplished outside of using native OS capabilities like IP Tables or Windows Firewall so security admins only need to understand how to apply security through NSX DFW, and not have to understand the myriad of native OS approaches and complexity.  By centralizing Continue reading

The Virtual Cloud Network Demystified

Introduction

Welcome to Summer 2018!  It’s been nearly one month now since our CEO Pat Gelsinger announced the Virtual Cloud Network vision at Dell Technologies world in Las Vegas.  Essentially the reveal (in my personal opinion) was focused on raising awareness that VMware has now delivered to the market what many of you have heard for quite some time now as “the vision” for networking and security, whereas NSX has become an integral part of many various parts of your business:

Enter stage left, the Virtual Cloud Network.  VCN builds upon the fundamentals you’re already familiar with from NSX—these include (but are not limited to) integrated security, consistent connectivity, and inherit automation, but really focuses on tying together an end-to-end architecture that allows our customers to deliver applications and services everywhere.  Our customers have asked and we have listened… the demand for any infrastructure, any cloud, any transport, any device, and any application has drastically changed the landscape and technologies associated with building/architecting and having a modern enterprise network.

We’ve been quite busy over the past month with lots of interest coming from partners and customers wondering what this really means.  Well today the wait Continue reading

NSX Workshop: Secure App Infrastructure and Multi-Site Cloud Networking

NSX Workshops

[Summer 2018] Free NSX Training Workshop near you!

Secure Application Infrastructure and Multi-Site Cloud Networking

 

What: Attend a half-day lecture and lab designed to get you started with Micro-segmentation and Multi-Site Cloud Networking (Disaster Recovery).

Why: Not only will you get a business and technical overview of NSX Data Center, you’ll also receive hands-on experience with the products. We’ll make sure you leave knowing how NSX can help secure and extend your network across multiple sites, and into the cloud.

 

Sneak peek (full agenda in registration links):

  • Security: Understand your network traffic flows and intelligently create security groups and policies, leveraging vRNI, Service Composer, and Application Rule Manager to secure your network.
  • Disaster Recovery: Deep dive into multi-site NSX Data Center topologies, learn how to architect your network overlays, and gain visibility across your virtual and physical networks – all so you can build a resilient and flexible network.

RSVP your spot today (click below):

1 2 3 13