• LOGIN
  • No products in the cart.

VMware NSX Beginners Guide

VMware NSX and Its Objectives

VMware NSX is based on the network virtualization and security product platform that became apparent from VMware. It is the software determined platform for the data centre. This software networking platform in seconds it allows complex networking topologies to be deployed programmatically. It is complicated to set up when they are in large form and hard to manage. So this is where SDN come about to ease this process. SDNs in deploying and maintaining new networks it allows ease of deployment, management, and automation in the time of reducing and in few cases it completely eliminates the need to deploy the traditional networks. Using the software SDN abstracts the underlying infrastructure behind your existing network so that it can be programmed as separate virtual networks. As software which is from simple to complex, NSX can reproduce entire physical networks and also it implements virtual networks in a distributed architecture, allowing them to be deployed in any environment, from bare-metal servers in traditional datacentres to public and private clouds. It has a network function virtualization (NFV) capability which includes switching, routing, and load balancing all the basic networking functions. From the cloud It also allows applications to operate within the network from in any place and even across containers and virtual machines (VMs). This process can be automated so that your network expands when necessary, allowing it to meet temporary or cyclical increases in network capacity. Security features in VMware NSX are defined through the software. VMware NSX has a built-in intrusion detection system and intrusion prevention system (IDS/IPS) capability which allows it to stop security threats before they happen. Preventing data loss from external threats it also has a next-generation firewall with Domain Name System (DNS) security and Uniform Resource Locator (URL) filtering features. Favourably, NSX features micro-segmentation, which divides virtual networks and the applications residing in them into separate trust zones that are isolated from each other. This means that when a network segment is besieged, the threat is limited to the segment alone. It can then be isolated and countered accordingly.

How Does VMware NSX Work?

VMware NSX uses software to create virtual switches and routers that are used to control traffic that passes through your network infrastructure. NSX allows all other network components to be virtualized. VMware NSX decouples your network from your existing hardware. It allows your IT staff to create and delete virtual networks on-demand, as the number of virtual networks that can be created from your existing physical infrastructure is virtually unlimited. With a virtual network, your infrastructure becomes more elastic, growing or shrinking as needed.

VMware NSX comprises the following:

  • Switches and routers, and other basic network functions. These are all implemented using software and can be combined with physical hardware when needed.
  • A built-in load balancer. This is capable of managing network traffic intelligently and means better availability and scalability of virtual networks. Secure Sockets Layer (SSL) offloading via pass-through is supported, as well as server health checks.
  • A distributed firewall. It enforces custom policies at the virtual network interface card level. The firewall plays a pivotal role in the platform’s micro-segmentation feature.
  • A software-based load balancer for your applications.
  • A virtual private network (VPN) server. It has site-to-site and remote access capabilities.
  • A REST-based application programming interface (API). This facilitates integration with third-party products and services.

With NSX, your applications can run on any of your virtual networks. Thus, your applications need only to be configured once before they can be deployed anywhere across your network. An encapsulation protocol is applied to all traffic that flows across the network. VMware has an active partner ecosystem that offers additional solutions that can be integrated into NSX.

VMware NSX components

A VMware NSX setup consists of various components. In the overall setup each of them has a specific role. Some components are deployed in form of an appliance. Few others are installed as a module into the Hypervisor that is the NSX Controllers implements a network control plane that perform packet forwarding for controlling the Open vSwitch (OVS). Controller Cluster nodes cooperate to manage all OVS devices and enforce consistency between the logical network view which is defined through the NSX API and the transport network view which is implemented by OVS-enabled access switches. As Transport Nodes Hypervisors, NSX Service Nodes, and NSX Gateways are represented in NSX. A transport node which runs Open vSwitch is an any physical or virtual device. It is also managed by the NSX Controller to implement logical networks. The NSX Manager provides a GUI to configure an NSX network and for operators to set up the network. It is not used by OpenStack itself and could be removed in the case that the operator uses CLI commands for all setup and configuration steps.

Hypervisors: To provide network connectivity for VM-based workloads it authorizes Open vSwitch. In NSX using the transport node entity such as Service Nodes and Gateways, hypervisors have been represented.

Gateways: An NSX Gateway connects logical networks to the data centre’s physical network or to physical applications.

Service Node: NSX Service Nodes offload network packet processing from hypervisor Open vSwitches, such as broadcast, unknown unicast and multicast replication, and CPU-intensive cryptographic processing.

Main Features and Benefits of VMware NSX

Following are the features and benefits of VMWare NSX:

  • Network automation: Deployment and configuration of the network infrastructure through code is performed automatically. To specific requirements the infrastructure is adaptable and the virtual components can be added as needed.
  • Multi-cloud and on-premises support: In any case Virtual networks would appear the same where they are deployed, making them easier to support.
  • Network segmentation: Virtual networks are divided into segments that are separate from each other. Any adverse impact from an attack against the network is contained within the affected segment.
  • Minimal cost and resource overhead: There is no longer in need of maintenance of expensive network equipment through software, acquisition with implementation of networking and security.
  • Switching and routing: These are all logically attached to the network and also done through coding and with applications and virtual machines. Virtual networks feature scale-out routing with an active-active failover system.
  • Load balancing: These are either packet-based or socket-based, with an L4 load-balancer using the former and an L7 load-balancer responsible for the latter.

Difference between VMware NSX-v and VMware NSX-T

VMware NSX comes in two versions, namely:

NSX for vSphere (NSX-v): This older version requires both VMware vSphere and VMware vCenter. VMware NSX-v supports one and only vSphere hypervisor environments.

NSX-Transformers (NSX-T): This newer version supports different virtualization platforms and multi-hypervisor environments. NSX-T supports various network virtualization stacks, which includes Kubernetes, OpenStack, KVM, Docker, and Amazon Web Services (AWS). VMware NSX-T does not require a vCenter Server. The company provides a guided migration path for organizations still using NSX-v. VMware recommends using NSX-T if you want to take lead of micro-segmentation and the automation features in NSX. 

Conclusion

Along with the ability to create on-demand logical networks using VXLAN, the NSX Edge Services Gateway assists users deploy various logical network services such as firewalls, DHCP, NAT, and load balancing on these networks. Vmware NSX training is centered on setting up, designing, and directing the most recent form of VMware NSX. Individuals who get this preparation will have the capacity to comprehend to sensible switch, Edge administrations portal, Service Composer, Role-based access control, Edge firewall, Flow Monitoring, information endpoint, circulated firewall, VLAN-to-VXLAN connecting many more. Gologica provides an in-depth understanding of VMware NSX. This preparation empowers you to work adequately in a virtualized SDDC condition. We help you to achieve it and lend our hand to the organisation and individual’s career to ace in the industry. Happy Learning!!

Author Bio

Kavya Sathvik, A content strategist at Gologica. She has 2 years of experience in content writing. Passionate about writing technical content and also creating effective content strategy for brands and blogs. Contact her: Linkedin

GoLogica Technologies Private Limited. All rights reserved 2024.