VMware discussing NSX Notes

Agenda

  • NSX 201 cross centre metro cluster, data centre migration / DR use case
  • NSX futures – distributed network encryption, management of containers, securing multiple clouds
  • VMware strategy for the cloud native applications and dev ops
  • Deep dive on Photon, lightwave, container management

NSX Discussion
How does NSX protect against bank attach or Twitter hack

NSX micro segmentation (isolation of apps)  ..DFW

3rd party integration like trend , Mcafee .. Steer traffic for layer 7 traffic.. For malware inspection.. Security tag VM.. It tells NSX to automate a policy, possible a quarantine policy

3rd party’s develop the tags ( protects against bank attach or Twitter hack etc ). NSX relies on the 3rd party NSX tags to apply a policy. NSX does have some features for tagging using activity monitoring an VM tools. VM tools can see what is running within the VM.

DMZ anywhere .. How long to provision a VM web facing and secure. NSX can spin it up instantly.

Secure user environment ..

Overlay virtual networking ( abstract )
Stretch across sites
Tunnelling ( change from vLans etc )
Logical layer 2. Packet in envelope. Encapsulate the traffic.
Vxlan

NSX is distributed across hosts rather than all going via a central physical firewall.

Develop cloud – Strategy vRealise but also others such as openstack
Others doing networks , Neutron in theory not as scale able. Challenge is abstraction layer.

Time to setup a PoC!!!

VMware do a NSX 2 day training

 

Containers – Cloud Native Apps

Contains, Windows 2016 ,G1 -> G2 -> G3 photon
Challenges with containers
Containers sit in the same user space on the same VM. Deploy multiple containers only appear as one VM in vcentre.