Humair Ahmed

Author Archives: Humair Ahmed

VMware Cloud on AWS: NSX and Avi Networks Load Balancing and Security

Authors and Contributors

I want to thank both Bhushan Pai, and Matt Karnowski, who joined VMware from the Avi Networks acquisition, for helping with the Avi Networks setup in my VMware Cloud on AWS lab and helping with some of the details in this blog.

Humair Ahmed, Sr. Technical Product Manager, VMware NSBU
Bhushan Pai, Sr. Technical Product Manager, VMware NSBU
Matt Karnowski , Product Line Manager, VMware NSBU

With the recent acquisition of Avi Networks, a complete VMware solution leveraging advanced load balancing and Application Delivery Controller (ADC) capabilities can be leveraged. In addition to load balancing, these capabilities include global server load balancing, web application firewall (WAF) and advanced analytics and monitoring.

In this blog, we walk through an example of how the Avi Networks load balancer can be leveraged within a VMware Cloud on AWS software-defined data center (SDDC).

Continue reading

VMware Cloud on AWS: NSX Networking and Security eBook

Check out my latest book co-authored with my colleagues Gilles Chekroun (@twgilles) and Nico Vibert (@nic972) on VMware NSX networking and security in VMware Cloud on AWS. Thank you Tom Gillis (@_tomgillis), Senior Vice President/General Manager, Networking and Security Business Unit for writing the foreword and providing some great insight.

Download the eBook for Free

I’ve been very fortunate to have the opportunity to publish my second VMware Press book. My first book was VMware NSX Multi-site Solutions and Cross-vCenter NSX Design: Day 1 Guide. This book was focused very much on NSX on prem and across multiple sites. In my latest book with Gilles and Nico, the focus was on NSX networking and security in the cloud and cloud/hybrid cloud solutions.

You can download the free ebook here:

In this book you’ll learn how VMware Cloud on AWS with NSX networking and security provides a robust cloud/hybrid cloud solution. With VMware Cloud on AWS extending or moving to the cloud is no longer a daunting task. In this book, we discuss use cases and solutions while also providing a detailed walkthrough of Continue reading

VMware Cloud on AWS SDDC 1.7: New NSX Features

The latest version of VMware Cloud on AWS SDDC (SDDC Version 1.7) was released recently and is being rolled out to customers. In this post, I’ll discuss the new NSX Networking and Security features.

Looking at the features released in VMware Cloud on AWS SDDC 1.7 in the below diagram, we can see the features can be grouped into three categories: Connectivity, Services, and Operations. Further below I go into more detail in each of these specific NSX features. For a complete list of all new features in VMware Cloud on AWS SDDC 1.7 in general, check out the release notes hereContinue reading

VMware Cloud on AWS with Transit Gateway Demo

At AWS re:Invent 2018 last November, AWS introduced a regional construct called Transit Gateway (TGW). AWS Transit Gateway allows customers to connect multiple Virtual Private Clouds (VPCs) together easily. TGW can be seen as a hub and all the VPCs can be seen as spokes in a hub and spoke-type model; any-to-any communication is made possible by traversing the TGW. TGW can replace the popular AWS Transit VPC design many customers have deployed prior for connecting multiple Virtual Private Clouds (VPCs) together. In this post, I will discuss TGW and how it can currently be used with VMware Cloud on AWS. At the end of this post there’s also a video you can watch of a demo using the same setup described in this blog; feel free to jump to the video if you like. Continue reading

VMware Cloud on AWS with NSX-T SDDC – Connectivity, Security, and Port Mirroring Demo

AWS with NSX-T

VMware Cloud on AWS with NSX-T SDDC – Connectivity, Security, and Port Mirroring Demo

 

VMware Cloud on AWS with NSX-T SDDC – Networking and Security

Watch the embedded demo below or view on the NSX YouTube channel here to see several cool NSX-T networking and security capabilities within VMware Cloud on AWS. The demo shows connectivity from VMware Cloud on AWS SDDC to on-prem via AWS Direct Connect Private VIF. Access to native AWS services from VMware Cloud on AWS SDDC is also shown. Additionally, Edge security policies, distributed firewall/micro-segmentation, and port mirroring are demonstrated. Continue reading

VMworld 2018 Europe Sessions on NSX Networking and Security in VMware Cloud on AWS

VMworld 2018 Europe in Barcelona is a week away. Want to learn more about NSX Networking and Security in VMware Cloud on AWS, how you can easily deploy and secure workloads in the cloud, or how to build hybrid cloud solutions with the familiarity and capabilities of vSphere? Make sure to attend the below sessions at VMworld 2018 Europe next week. We will go into a deep dive of all the functionality and show how VMware Cloud on AWS is being used by customers. Continue reading

VMworld 2018 Sessions on NSX Networking and Security in VMware Cloud on AWS

VMworld 2018 is a week away; are you attending? Want to learn more about NSX Networking and Security in VMware Cloud on AWS, how you can easily deploy and secure workloads in the cloud, or how to build hybrid cloud solutions with the familiarity and capabilities of vSphere? Make sure to attend the below sessions at VMworld 2018. We will go into a deep dive of all the functionality and show how VMware Cloud on AWS is being used by customers. Continue reading

VMware Cloud on AWS: Advanced Networking and Security with NSX-T SDDC

Announced in AWS Summit in New York last month and also briefly mentioned on the prior blog, Announcing General Availability of VMware NSX-T Data Center 2.2.0, NSX-T networking and security is now available in Preview Mode for new SDDC deployments on VMware Cloud on AWS. Please reach out to your sales/SE contact for more information.  In this blog post, I give an overview of the advanced networking and security functionality provided by NSX-T within VMware Cloud on AWS. Continue reading

VMware Cloud on AWS with Direct Connect: NSX Networking and vMotion to the Cloud with Demo

Check out my prior below blogs here on VMware Network Virtualization blog on how NSX is leveraged in VMware Cloud on AWS to provide all the networking and security features. These prior blogs provide a foundation that this blog post builds on. In this blog post I discuss how AWS Direct Connect can be leveraged with VMware Cloud on AWS to provide high bandwidth, low latency connectivity to a SDDC deployed in VMware Cloud on AWS. This is one of my favorite features as it provides high bandwidth, low latency connectivity from on-prem directly into the customer’s VMware Cloud on AWS VPC enabling better and consistent connectivity/performance while also enabling live migration/vMotion from on-prem to cloud! I want to to thank my colleague, Venky Deshpande, who helped with some of the details in this post. Continue reading

VMware Cloud on AWS with NSX: Communicating with Native AWS Resources

VMware Cloud on AWS with NSX: Communicating with Native AWS Resources If you haven’t already, please read my prior two blogs on VMware Cloud on AWS: VMware SDDC with NSX Expands to AWS and VMware Cloud on AWS with NSX – Connecting SDDCs Across Different AWS Regions; also posted on my personal blog at humairahmed.com. The prior blogs provide a good intro and information of some of the functionality and... Read more →

VMware Cloud on AWS with NSX: Communicating with Native AWS Resources

If you haven’t already, please read my prior two blogs on VMware Cloud on AWS: VMware SDDC with NSX Expands to AWS and VMware Cloud on AWS with NSX – Connecting SDDCs Across Different AWS Regions; also posted on my personal blog at humairahmed.com. The prior blogs provide a good intro and information of some of the functionality and advantages of the service. In this blog post I expand the discussion to the advantages of VMware Cloud on AWS being able to communicate with native AWS resources. This is something that would be desired if you have native AWS EC2 instances you want VMware Cloud on AWS workloads to communicate with or if you want to leverage other native AWS services like AWS S3 VPC Endpoint or RDS. Continue reading

VMware Cloud on AWS with NSX: Connecting SDDCs Across Different AWS Regions

I prior shared this post on the LinkedIN publishing platform and my personal blog at HumairAhmed.com. In my prior blog post, I discussed how with VMware Cloud on AWS (VMC on AWS) customers get the best of both worlds for their move to a Software Defined Data Center (SDDC) – the leading compute, storage, and network virtualization stack for enterprises deployed on dedicated, elastic, bare-metal, and highly available AWS infrastructure. Another benefit of VMC on AWS, and the focus of this post, is that you can easily have a global footprint by deploying multiple VMC SDDCs in different regions. Continue reading

VMware SDDC with NSX Expands to AWS

VMware SDDC Syndicated I prior shared this post on the LinkedIN publishing platform and my personal blog at HumairAhmed.com. There has been a lot of interest in the VMware Cloud on AWS  (VMC on AWS) service since its announcement and general availability. Writing this brief introductory post, the response  received confirmed the interest and value consumers see in this new service,... Read more →

VMware SDDC with NSX Expands to AWS

I prior shared this post on the LinkedIN publishing platform and my personal blog at HumairAhmed.com. There has been a lot of interest in the VMware Cloud on AWS  (VMC on AWS) service since its announcement and general availability. Writing this brief introductory post, the response  received confirmed the interest and value consumers see in this new service, and I hope to share more details in several follow-up posts.

VMware Software Defined Data Center (SDDC) technologies like vSphere ESXi, vCenter, vSAN, and NSX have been leveraged by thousands of customers globally to build reliable, flexible, agile, and highly available data center environments running thousands of workloads. I’ve also discussed prior how partners leverage VMware vSphere products and NSX to offer cloud environments/services to customers. In the VMworld Session NET1188BU: Disaster Recovery Solutions with NSX, I discussed how VMware Cloud Providers like iLand and IBM use NSX to provide cloud services like DRaaS. In 2016, VMware and AWS announced a strategic partnership, and, at VMworld this year, general availability of VMC on AWS was announced; this new service, and, how NSX is an integral component to this service, is the focus of this post.

Continue reading

Demo: Multi-site Active-Active with NSX, F5 Networks GSLB, and Palo Alto Networks Security

I wrote this post prior on my personal blog at HumairAhmed.com. You can also see many of my prior blogs on multisite and Cross-vCenter NSX here on the VMware Network Virtualization blog site. This post expands on my prior post, Multi-site Active-Active Solutions with NSX-V and F5 BIG-IP DNS. Specifically, in this post, deploying applications in an Active-Active model across data centers is demonstrated where ingress/egress is always at the data center local to the client, or in other words localized ingress/egress. Continue reading

VMware NSX-V: Security for VxRAIL Hyper-Converged Solutions

Check-out the new white paper on leveraging NSX-V for security within the VxRAIL hyper-converged platform. The paper outlines how VxRAIL hyper-converged solutions leveraging NSX-V for security solves many of the security challenges with traditional silo-based architectures. A brief outline is provided below. Make sure to checkout the white paper for additional details.  Continue reading

Disaster Recovery with VMware NSX-V and Zerto

NSX-V Disaster Recovery with VMware NSX-V and Zerto Note, this is a reposting of the blog that I initially posted here on humairahmed.com. In a prior blog, VMware NSX and SRM: Disaster Recovery Overview and Demo, I described and demoed how VMware NSX and SRM with vSphere Replication combined provide for an enhanced disaster recovery (DR) solution. SRM... Read more →

Disaster Recovery with VMware NSX-V and Zerto

Note, this is a reposting of the blog that I initially posted here on humairahmed.com. In a prior blog, VMware NSX and SRM: Disaster Recovery Overview and Demo, I described and demoed how VMware NSX and SRM with vSphere Replication combined provide for an enhanced disaster recovery (DR) solution. SRM also provides additional integration with NSX when Storage Policy Protection Groups (SPPGs) are used by providing the ability to automate network mappings. One of the great things about the NSX-V platform, is it can be used with any DR orchestration tool that supports the VMware vSphere ESXi hypervisor. Some of the tools customers are using with NSX include VMware SRM, Dell EMC RP4VM, Zerto, and Veeam. As SRM was discussed and demonstrated in a prior blog, Zerto and NSX together is explained in more detail below.  Continue reading

Multi-site Active-Active Solutions with NSX-V and F5 BIG-IP DNS

I’ve written several prior blogs on multi-site solutions with NSX-V discussing topics such as fundamentals, design options, multi-site security, and disaster recovery; see below links to review some of the prior material. In this post, I’ll discuss how VMware NSX-V and F5 BIG-IP DNS (prior known as F5 GTM) can be used together for Active/Active solutions where an application is spanning multiple sites and site-local ingress/egress for the application is desired. F5 offers both virtual and physical appliances; in this post I demonstrate using only the virtual (VE) F5 appliances. Big thanks to my friend Kent Munson at F5 Networks for helping with the F5 deployment in my lab and for providing some of the details to help with this blog post. This is the first of several blog posts to come on this topic.  Continue reading