Please share with the community what you think needs improvement with vRealize Network Insight.
What are its weaknesses? What would you like to see changed in a future version?
I would give 7 to 8. There is always room for improvement. For example: Deployment process, Appliance and Proxy VM, is getting configuration done in VM Console. This configuration can definitely be done on web interface (e.g. vROPS) for sake of simplicity and admin sanity. LDAP / Active Directory integration configuration is not as straightforward as with other products in the vRealize portfolio. Roles and User permissions configuration differs from other products, and in scenarios where a certain group of individuals needs to have specific permissions across vRealize products, configuration is not out of the box. Clustering across Geo locations (Dual Site scenarios or different L2 Domains) or any other mechanism that can provide HA or maintain data availability across sites. Offering a few sizes of deployment would benefit customers that don't have a big footprint in on-prem or cloud, but still would like to get the product into their infrastructure, for whatever reason. Current size of the virtual appliance is not suitable for small and medium size environments.
I want to be able to monitor a network flow that is approximately two weeks back, but I haven't found an easy way to do this. Right now, I am not getting the result I want. So, I want to see the timeline two weeks back from now, including all the flows. I haven't figured out how to do this. If this is not possible now, maybe in the next release, as this would be a very nice function for me.
vRNI needs more remediation where it hooks into NSX. This was just brought up at the keynote speech.
It's kind of hard (to come up with room for improvement) on an almost-perfect product. Room for improvement: Maybe a little more help in regards to when you're searching for something, give me little "help bubbles" about what those terms will help search for.
Log Insight from VMware is similar to what Network Insight does. If it had some kind of plugins with vSphere, more effective plugins with Horizon View or other VMware products, if it had interconnectivity, I think it would be more effective than it is today.
It needs improvement in terms of its efficiency.
I would like to see them expand the capabilities to infrastructure types other than just VMware.
In a very general way, I would like to see an improvement in interoperability with third-party products from other vendors.
I'm not quite sure what features I would like to see in a future release. We haven't explored everything in the product yet. We're able to pull out of it what we need right now.
It's pretty much user-friendly, but it could always be friendlier. Anything that would make it easier would be helpful.
They can always build upon it and add more stuff, but as it stands right now, it's perfectly fine. I would like to see application identification. That would be cool.
The compatibility with each and every component of the infrastructure is the main thing that I am looking for. I would like them to make sure that it's compatible with different kinds of storage systems, etc. I have seen the compatibility list. I feel it can be more compatible than it is right now.
I would like to see more reporting features, more dashboards.
While it's not exactly a feature, what normally happens when we are trying to look at the VM flow portion is - although Network Insight does have options to integrate a few physical switches into it - we can't really get an end-to-end flow of the network. We might be using a few switches that are not supported by Network Insight. That is where they can improve, in the support for more physical switches and network devices.
In terms of room for improvement, customer education is number one. It has nothing to do with the product itself but it would help if there were an understanding of its limitations, or the fact that it is a framework, that it is extensible and that you're not getting everything out-of-the-box. What you are getting is the framework out-of-the-box. Knowing that, you're going to look to either build your own custom solutions or you're going to go to companies like ours and get a solution that is already supported and maintained, so you can focus on your company's main mission.
I want to see more in terms of microsegmentation. As of now, I can see the rules, but they are not in a readable format that I can convert to microsegmentation and can fit into NSX Manager. I'm looking for that kind of feature. Also, while it is user-friendly for the virtual part, it is not as friendly for the physical part.
There's enough information there, especially in the visualizations, but I would love to see this in a kiosk mode, where I could have a dashboard for interested stakeholders to see and appreciate what's going on. Then, moving on to a more practical level for our Help Desk, our operations team could benefit by seeing, in real-time, a visual view of the network.
Reporting could be a little bit smoother. I would like it to be more intuitive to create a report that would automatically send stuff out on a periodic basis, for management-oversight reports and the like. You can probably do that right now, I just haven't figured it out in the interface yet.
When we talk about those micro-segmentation rules, there's an Export function. It is very macro-segmentation oriented instead. So if you choose an application, it will find the tiers within that application and say that it's communicating on, say, port 80 to a separate VLAN. There might be 200 machines in that other VLAN. You don't want to open port 80 at all of them. So we need a lot more granularity in those suggested firewall rules. It's a good start, but it's still going to require a lot more work on our side to actually make it a real rule, instead of what it's trying to do with the macro rule. I would like to see better micro-segmentation rules. That's key for me. That's our primary use case for it at this point. We might add others in the future but, at this point, that's what we need, and we're not quite getting it.
It's somewhat user-friendly but some of the data that's presented is not always clear. But that's like any tool. You just have to get used to using it.
The only real improvement they can make is to add more third-party vendors into the environment, mostly switch manufacturers, because it's really limited to Cisco equipment and there are a lot of companies out there other than Cisco.
It's intuitive and very user-friendly, but we probably have to train our technical team, or the IT staff who are plugging into it regularly, on how to optimize its use. VMware probably needs to come in and train and we need good documentation. I had a meeting with the technical account manager, and I brought to his attention that the lack of access to documentation on best practices is something that we need to address. That's something that he said he is working on. We have a meeting tomorrow and he is going to bring all of us onto the same page and, hopefully, that issue can be resolved. I came in to make sure that we can harden our security infrastructure, especially when it comes to VMware. And one of the things that I learned recently was that there are so many documents that we don't have access to regarding the use of VMware. My technical account manager promised me that the documentation will be provided to whomever needs access to it.
The product is slightly complex to use, while still being user-friendly. It could use more training modules, as it is not a straightforward product.
One of the things I've asked about is regarding Log Insight, with their syslog collector. There seems to be a lot of overlap between that and vRNI. I've asked if one of those is going away or if they're moving together and I really haven't been able to get a clear answer. I would like to know that.
We just started using it so I don't really know a lot of the features yet.
I'd like to see better support for being able to search the hardware NetFlow data. It ingests fairly well, but you can't tell, in a lot of cases, what source the data came from. I'd like to see more support for picking specific sources. That way you could really make a compelling use case. There are also some difficulties where it can't exactly trace the path between source and destination but if you hit the reverse flow on the same search it shows the entire path. It continues to improve, but I'd like to see better support for hardware stuff.
After you use it for a little while you become accustomed to it but the layout doesn't feel very intuitive. You have to dig around and find the exact place where you can find the information, where you can actually see your east-west traffic, etc. I would like them to bring that information more to the forefront, instead of having to find it. Once you have learned how to use everything, it becomes easy to use.
It needs to be a little easier to use and to understand the information it's putting out. That would make it more helpful. If you're not a network person you need to understand things like network policies and concepts. If you gave it to a regular admin, it would be nice if it were easier for them to pick up what is going on, understand the flows and whether or not stuff should be talking to each other, as opposed to just port groups and IP addresses. Also, if it were more application-aware, more descriptive; if it were able to determine the application that is actually doing the communication, that would be easier. More application information: which user or account it's accessing, is it accessing this application, doing these calls, if it is accessing a script, which script is it accessing. Things like that would provide deeper analytics so I can track what's going on. It would not just be, "These people shouldn't be talking," but who is actually doing these calls. And it would be good if it could correlate the server and not just a SQL call, but which database, which server, that would be helpful. I would like to see more things along those lines.
I would like to see more interoperability on the firewall and load balancer sides. I like that you can integrate in Palo Alto Networks. There is Cisco switching in there as well. We can see the actual path tracing through these products. I would like to add in there any other integrations from a services perspective, such as Big-IP F5 and some other APIs. Palo Alto has a little bit of an advantage, which is fine, but it would be great to see a little bit more integration, especially on the GUI side when we are tracking about some of that pack and flow. It would be great to be able to see other vendors be integrated into the product as well.