Vmware logo

VMware NSX Review
Provides Microsegmentation And Good Security Features For North-South And East-West Traffic Across Your SDDC


Valuable Features

The ease in which to install this product and make it work straight away without minimum changes in your physical network and is simply astonishing. The only thing you need to do when installing this product is change your MTU to 1600 (jumbo frames). It provides microsegmentation and good security features for north-south and east-west traffic across your SDDC. The performance you obtain at the virtual layer and traffic crossing for your VMs gets improved dramatically because the traffic doesn't leave the hypervisor. I'm not a network guy myself but NSX makes it really easy to understand how the virtual network pins together and how you can manage the traffic and security within your VMware deployment without the hassle of changing VLANs, adding unnecessary protocols for discovery, etc.

Encapsulating the traffic using VXLAN is a great addition. It extrapolates the number of VLANs that you can stretch to an almost infinite number of VXLAN (millions of VXLANs). In abstract, you are dealing with numerous VLANs every time you want to send traffic from one VM to another, basically VMs on different hosts within the same datacenter will be connected to the same logical switch and traffic is advertised via unicast traffic from the NSX controllers to let every body know in the environment "who is who" to minimize the amount of multicast traffic.

Improvements to My Organization

We haven't installed this in our environment yet. We have a major lab to provide our Ci-Dev team a sandpit to test apps and its security when deploying a three-tier application on our customers and test every single connection and performance before handing over the application to the customer.

Room for Improvement

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

Use of Solution

Six months now.

Deployment Issues

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

Stability Issues

A very stable product, it is more mature than it was four years ago when it first came out. The performance you get with this product is near-line rate.

Scalability Issues

If you have a large environment, the sprawl of Distributed Logical Routers or logical switches can be hard to manage, but you will have the same issues in a physical network.

Customer Service and Technical Support

Customer Service:

We have a direct line with VMware support and with the specialized engineer who provides support on NSX. We haven't had to open a support call yet, but the engineer we've dealt with is very capable and knowledgeable on the product.

Technical Support:

Excellent. VMware engineers are top of the line. I haven't met one engineer who doesn't know the product well that they support.

Previous Solutions

Nope, never used a network virtualisation product before.

Initial Setup

It was straightforward. Just a couple of install media and .ovf files and you're done. The interesting part comes after installation when you need to define your virtual network architecture and how you're going to deploy rules and connectivity for your VMs.

Implementation Team

In-house deployment. We're a large VMware shop and know VMware products well.

ROI

Not applicable for this product yet.

Pricing, Setup Cost and Licensing

We got the licenses from VMware as part of the NFR agreement, but you will require a medium infrastructure to deploy this initially. Lot of memory and CPU are required to have the product run smoothly

Other Solutions Considered

No, there are no other products in the market that provide network virtualisation as far as I know.

Other Advice

Download the installer, try it, and you will love it. Some hardcore network administrators will say it is not the same, and of course is not the same, but it is a new way to do things in the network space. It is the way of the future when deploying large networks in Software Defined Data Centres.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

0 Comments

Anonymous avatar x30
Guest

Have A Question About VMware NSX?

Our experts can help. 243,045 professionals have used our research on 6,016 solutions.
Why do you like it?

Sign Up with Email