Need a more specific use-case to get started with Micro-segmentation and the NSX Distributed Firewall? Your DMZ is an excellent place to start! Why let your blast-area be the entire DMZ network – limit the scope of damage to each individual server. OS-level firewalls are great – but are subject to being disabled once the server has been compromised. NSX, with it’s point of control at the vNIC level, completely gets around that limitation to help reduce your exposure.
Tag Archives: NSX
How NSX Uses VXLAN
NSX is referred to as an “overlay” technology but what is actually doing the work on the back end to transfer that data back and forth? VXLAN is the unsung hero protocol moving data in and out of the virtual to the physical side of the house. Join Jimmy Ray Purser as he goes thru the basics of this standards based protocol and what you need to config on your physical network to enable it as well as how it interacts with other network devices.
Rating: 5/5
NSX Firewall Demo
VMware NSX and SRM – Disaster Recovery Overview and Demo
This video demonstrates the benefits of the VMware NSX + SRM Disaster Recovery solution. A step-by-step walkthrough with demo is provided highlighting the powerful capabilities of the solution.
Rating: 5/5
VMware NSX as a Security Platform
Until now, there have really only been two enforcement points for security controls at our disposal: in the OS, and the Network. Each has their strengths and weaknesses. VMware NSX changes our options by opening up a new frontier for security, and the unique capabilities only a virtualized environment can offer.
Rating: 5/5
VMware NSX Load Balancing
In this video we explore how VMware NSX provides load balancing services with the Edge Services Gateway, how the ESG can be leveraged to provide services on demand, and allow you to pursue the DevOPs model with NSX. Additionally, we will take a look at a Tech Preview feature of NSX, the Distributed Load Balancer, why it matters, and what it means for you.
Rating: 5/5
VMware NSX Edge Services Gateway
In this video we explore the feature set of the VMware NSX Edge Services Gateway, provide a topology example, and discuss how you can use the ESG in different ways to bring L3-L7 services into you cloud.
Rating: 5/5
Routing in the VMware NSX Edge Services Gateway (ESG)
The VMware NSX Edge Services Gateway (ESG) is a virtual machine appliance which functions as a gateway and services appliance within the NSX platform. This video focuses on the routing capabilities of the ESG, as well as its interactions with the NSX Distributed Logical Router (DLR). The ESG is commonly used as a routing gateway at the boundary of an NSX environment, also known as a North – South gateway. Like the DLR, the ESG supports dynamic routing protocols in OSPF and BGP, as well as route redistribution. To provide additional architectural flexibility, up to 8 ESGs may peer with a single DLR in an Equal Cost Multi-Path (ECMP) configuration in order to maximize available bandwidth.
Rating: 5/5
Distributed Routing in a VMware NSX Environment
The Distributed Logical Router (DLR) in the VMware NSX platform provides an optimized and scalable way of handling East – West traffic within a data center. East – West traffic is the communication between workloads residing within the same data center, which is only increasing in modern data centers. In order to route between segments, traffic must be forwarded to a routing device, rather than directly to its destination. This non-optimal traffic flow is generally referred to as “hair pinning”.
The DLR component of the NSX platform prevents the “hair-pinning” by introducing an East – West routing element within the hypervisor kernel. Each host has a routing kernel module can perform routing between the segments its hosted virtual machines are connected to. The DLR is capable of advertising those connected networks to other routing devices by way of the OSPF and BGP dynamic routing protocols
Rating: 5/5
Layer 2 Bridging in VMware NSX
Not all virtual networks are going to be connected to the physical world in the same way; some VXLAN logical switches may need to be directly layer 2 adjacent to an existing VLAN backed network, or need to reach a gateway or service interface that resides on a physically defined VLAN. These are some reasons VLAN to VXLAN bridge(s) may need to be implemented within VMware NSX. This is most common in the case of a migration effort to, or if a layer 2 domain containing workloads attached to both VXLAN and VLAN backed networks required.