VMware NSX Review

We have saved man-hours and decreased our security exposure


What is our primary use case?

The primary use case is the microsegmentation of all our infrastructure, which is a huge bonus. It's performed well.

How has it helped my organization?

The microsegmentation allows me to sleep at night. My job is reducing risk, plugging security holes, and working with the automated layer security. Even if somebody spins up a new server, it has to have a tag in NSX. Therefore, all the security rules are already applied across the infrastructure or automatically applied to new machines. It doesn't generate any new security holes if people have new products. It gives peace of mind that project managers are not screwing up my entire security posture.

What is most valuable?

Automation, because we're constantly onboarding massive customers. We have our own management system, which integrates nicely with NSX. Therefore, we've built an automation layer so we can deploy and completely secure new customers in a hosted environment within a couple of minutes.

Microsegmentation is incredible. It's the only way to go for managing networks long-term.

The security benefit has been huge.

What needs improvement?

I would like to have automating reporting built into common service management platforms, such as JIRA, Serviceaide, and ServiceNow. 

What do I think about the stability of the solution?

The stability has been great. I have had no problems with it. It is a robust solution.

What do I think about the scalability of the solution?

We manage a huge infrastructure, and it has not been a problem for us. It has caused no issues.

We generally load balance with separate hardware. With the normal traffic that we see between virtual machines, they never leave the host. So, there are no real issues there. We will use separate, dedicated hardware, because we are at such a scale that our customers prefer to have separate load balances in the hardware.

Which solutions did we use previously?

We jumped onboard with NSX right when it started. VMware worked with us when we had issues or made suggestions to the point that we were invited as a partner to 2016 VM World, because we contributed so heavily into NSX. It has been nice to see the things our potential pain points that we were having with NSX at the time be implemented into the product. Now, it's just seamless, which is great.

What about the implementation team?

We just bought it off the shelf and implement it ourselves.

What was our ROI?

We have saved man-hours and decreased our security exposure.

We haven't had to hire a dedicated network engineer because NSX handles 90 percent of it. The reduced overhead in terms of managing networks has been the biggest plus. 

We haven't had to buy additional switching capacity.

What other advice do I have?

Get it in your environment as soon as possible.

Network segmentation is hard. A lot of businesses still use the traditional three-tier system, because it has been proven, but it isn't particularly robust or secure. Realistically, it's a natural step in terms of network management to move to micro-segmentation. It just makes sense.

If someone is worried that the solution is too complex, they should hire people with experience.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Add a Comment
Guest
Sign Up with Email