This post is also available in: German
Yesterday the eighth release of NSX-T went GA. Yes, you can hear and marvel, besides the expiring, NSX for vSphere (early 2022) this is already the eighth public release of NSX-T. In addition to on-premise multi-hypervisor support, it allows a uniform security policy to be implemented in hybrid and multi-cloud environments, no matter whether the workloads are in VM or container formats.
Previously, VMware already had some non-public versions internally. In addition, it shouldn’t be forgotten that NSX originates from the former Nicira acquisition. At that time they had a focus on the KVM world with their SDN technology. So the technical platform idea of the SDN solution NSX is already at least one decade old.
My co-authors and I will certainly take a very, very detailed look at the topic. What jumps in my eye in this release:
Much easier installation especially due to the support of vSphere VDS 7.0, which saves new customers the vSwitch migration during the NSX installation from VDS to N-VDS.
And: VMware proves that it is also a security company. Besides IDS and URL analysis, there are also improvements with NSX Intelligence which makes the setup and configuration of micro segmentation super easy. We are in a stage where NSX-T has to be seen as a distributed ALG (Application Layer Gateway), so that technically FW hardware appliances but also load balancers in the data center aren’t required. This simplifies the data center architecture considerably.
So cheers NSX, to the next decade of innovation with this milestone!
- NSX-T 3.0.0 brings to you a treasure trove of features & capabilities – Highlighting some of them:
- Cloud-scale Networking: NSX Federation
- Intrinsic Security: Distributed IDS, Micro-Segmentation for Windows Physical Servers, Time based Firewall Rules, and a feature preview of URL Analysis
- Modern Apps Networking: NSX-T for vSphere with Kubernetes, container networking and security enhancements
- Next-Gen Telco Cloud: L3 EVPN for VM mobility, accelerated data plane performance, NAT64, IPv6 support for containers, E-W service chaining for NFV
- L2 Networking: NSX-T support on VDS 7.0, RHEL 7.6 and RHEL 7.7 support, Edge Bridge with Policy based UI support, MAC Limit per VNI, Support for Windows 2016 Bare Metal Server, etc.
- Edge Platform: New Edge VM XLarge form factor, Enhanced convergence time on Tier-0 gateway, Enhanced Edge VM deployment, AMD EPYC support
- L3 Networking: VRF Lite support, L3 EVPN support, DHCP server policy and UI, L3 Multicast (Phase1), IPv6 (NAT64, Stateful DHCPv6 Support), etc.
- Firewall and Identity Firewall related features and enhancements
- Service Insertion and Guest Introspection related features and enhancements
- Load Balancing: DLB for vSphere with Kubernetes, JSON Web Token Support, IPv6 Support for LB Virtual Servers and Members, etc.
- VPN: Local egress for L2VPN, On-demand DPD, L2 VPN on Tier-1 LR, PMTU Discovery, Stateful Fail-over for VPN Sessions, etc.
- Automation, OpenStack and other CMP: Search API available, Terraform Provider 2.0.0 for NSX-T, Ansible Module 3.0.0 for NSX-T, OpenStack Integration Improvements
- Container Networking and Security: IPAM Flexibility, Container Inventory & Monitoring in User Interface, NCP Component Health Monitoring
- NSX Cloud: App-ID and URL Filtering, Support SLES 12sp3 (SUSE 12 SP3), Support for VPNs in agentless VPCs and VNets, etc.
- Operations: SNMP Traps, Alarm Framework. Alarms/Events, Traceflow observations for Spoofguard, etc.
- Inventory: NSX Tag Listing and Bulk Action Support, Physical Servers Listing
- Usability and User Interface: Graphical Visualization of Network Topology, New Getting Started Wizards, UI Design Improvements for System Appliances Overview, etc.
- Licensing: New VMware NSX Data Center Licenses, vShield Endpoint Management Support, Change in default license & evaluation key distribution, NSX Evaluation License Expiration
- AAA and Platform Security: Native AD based Authentication via LDAP, Integration with OpenLDAP, Enable/Disable Cookie based Authentication/Basic Authentication, etc.
- NSX Data Center for vSphere to NSX-T Data Center Migration: Migration Coordinator with Maintenance Mode, Migration from NSX for vSphere to NSX-T using vDS 7.0
- NSX Intelligence 1.1.0: New features related to NSX Intelligence Visualizations, Recommendations, and Platform