NET2810BU Feel The vRNI Overcoming Operational or ... · Amazon Web Services vRealize Network...
Transcript of NET2810BU Feel The vRNI Overcoming Operational or ... · Amazon Web Services vRealize Network...
Sean O’Dell@theseanodell
NET2810BU
#VMworld #NET2810BU #vRNI
Feel The vRNI
Overcoming Operational Challenges with NSX and Underlay Networking with vRealize Network Insight
Geoff Wilmington@vWilmo
VMworld 2017 Content: Not fo
r publication or distri
bution
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not been determined.
Disclaimer
#NET2810BU CONFIDENTIAL 2
VMworld 2017 Content: Not fo
r publication or distri
bution
NSX Vision: Driving NSX everywhereManaging security and connectivity for many heterogeneous end points
New app frameworks
Branch offices/Edge computing/IOT
End users
On-premises data center
Automation
IT at the speed of business
Security
Inherently secure infrastructure
Application Continuity
Data center anywhere
Cloud
vCloud AirNetwork
VMworld 2017 Content: Not fo
r publication or distri
bution
Customers CertificationsDeployments
2017
2016
Q2 2,600+
Q2 1,300+
2,600+ customers across all
industries and organizational
sizes — representing 100%
year-over-year growth
Over two new deployments of NSX
per day. Number of deployments
increased 3x year-over-year
8,800+ Certified NSX
professionals
NSX
NSX customer momentum is growing exponentially
VMworld 2017 Content: Not fo
r publication or distri
bution
SERVICEPROVIDER
HEALTHCARE FINANCE TECHNOLOGY PUBLICSECTOR
EDUCATION RETAIL TRAVEL ANDTRANSPORT
NSX is everywhere
VMworld 2017 Content: Not fo
r publication or distri
bution
VMware Cloud on AWS
New Announcements
NSX-T 2.0 & vRealize Network Insight 3.5Expanding to cloud and containers
A service that delivers a seamless extension for vSphere customers in AWS
VMware Cloud Services
VMware Cloud Foundation 2.2Integrated SDDC experience for on premise and cloud providers
VMware AppDefenseNew data center endpoint security product (formerly Project Goldilocks)
VMworld 2017 Content: Not fo
r publication or distri
bution
VMware Cloud Services
ON PREMISES DATA
CENTER
APPS APPS APPS APPS
Discovery Cost Insight Network Insight NSX Cloud AppDefense Wavefront
ON PREMISES DATA
CENTER
VMware Cloud Services
MANAGE SECUREGOVERN
➔ Built ground up to deliver
unbiased solutions for all Public
and Private clouds
➔ SaaS delivery
➔ Seamless usage through
integrated access, billing and
support
➔ Manage, govern and secure cloud
native and existing apps
VMworld 2017 Content: Not fo
r publication or distri
bution
• Scale across large NSX
deployments with powerful
visualizations for topology and
health
• Avoid configuration issues with
NSX deployments based on
health checklists
• Quickly pinpoint issues for
resolution with the help of
intuitive UI and search
• Discover and monitor applications
across your datacenter and AWS
• Troubleshoot network connectivity
issues between VMs with visibility
into virtual and physical data
center network layers
• Rapidly identify issues through
pro-active events and alerts
• Understand application
dependencies by analyzing
traffic flow patterns between
VMs
• Accelerate micro-segmentation
planning and use firewall rule
recommendations to improve
cloud security
• Continuously monitor,
troubleshoot, and secure clouds
VMware Network Insight: Simplify Cloud Network and Security OperationsPurpose-built for Network Virtualization and Public Clouds
Plan and manage
application security Troubleshoot networks with
360-degree visibility
Ensure health and availability
of VMware NSX deployments
VMworld 2017 Content: Not fo
r publication or distri
bution
What’s New
General UI Chans
• Assess compliance for NSX-V environments.
• Available with the Enterprise edition and NI ServicePCI Compliance Dashboard
• Updated VRF, Edge VM, and router dashboards
• Better layer 3 visibility, additional properties VRF, NAT rules, networks, etc...NSX Edge Dashboard
• NSX IPFIX support for NSX data source
• Provides deeper flow details, including dropped (deny) firewall actionsSupport for NSX IPFIX
• Updated Path dashboard
• ECMP edges and path details supported.ECMP Support in Path
• Check Point firewall, Brocade MLX, HP OneViewNew Third Party Devices
• New Dashboard widgets and navigation enhancements
• Add widgets to My View dashboard for timely access to important dataEnhanced Dashboard Options
• Migration between proxies within same instance
• Proxy removal supportedData Source Migration
• Support for multiple licenses
• Allows mixed Advanced and Enterprise EditionsLicensing Changes
• Enforced capacity limits
• Applications option added to Security menu Miscellaneous Enhancements
VMworld 2017 Content: Not fo
r publication or distri
bution
VMware
NSX Edge
VMware
NSX
Manager
Various
Network Vendor
Switches /
Routers
Cisco UCS /
Rackmount
VMware
vCenter
VMware
NSX
Controller
VMware
vSphere
(ESX)
HTTP: 443
SSH: 22
SNMP: 161SSH: 22SSH: 22
HTTPS: 443SSH: 22
SNMP: 161HTTPS: 443
Read-Only Credentials
IPFix: 2055
Data Sources
Network Insight Proxy VM (Collector)
Network Insight Platform VM
HTTPS: 443
UI Access
(Chrome and Firefox only)
HTTPS: 443
Additional ports access
needed for appliance
debugging:
Port 22 (SSH)
Port 5480 (HTTP)
HTTP: 443Amazon
Web
Services
vRealize Network Insight ArchitectureVMware Cloud
(Upgrade,
Registration and
Support Server)
HTTP: 443
NSX IPFIX records are generated via NSX DFW
and sent from each ESXi host
VMworld 2017 Content: Not fo
r publication or distri
bution
VMware
NSX Edge
VMware
NSX
Manager
Various
Network Vendor
Switches /
Routers
Cisco UCS /
Rackmount
VMware
vCenter
VMware
NSX
Controller
VMware
vSphere
(ESX)
HTTP: 443
SSH: 22
SNMP: 161SSH: 22SSH: 22
HTTPS: 443SSH: 22
SNMP: 161HTTPS: 443
Read-Only
IPFix: 2055
On-Premises
Data Sources
Proxy VM (Collector)
UI AccessHTTPS: 443
HTTP: 443
Amazon
Web
Services
Network Insight Service Architecture
VMware Cloud ServicesNetwork Insight
HTTP: 443Read-Only
Upgrade, Registration and
Support Services
NSX IPFIX records are generated via NSX DFW
and sent from each ESXi host
VMworld 2017 Content: Not fo
r publication or distri
bution
Capability vRNI ADV vRNI Enterprise /
Network Insight Service
Flow Analysis (VDS IPFIX, V-to-V, V-to-P)
NSX Firewall M-Seg Planning & Operations (NSX IPFIX)
NSX Day 2 Ops (Topology view, best practice checklist, NSX Edge Health
dashboard)
VM Paths w/ Physical Switches & Routers
3rd Party Firewall Visibility
AWS VPC, Security Groups, Tags in M-Seg Planning
Visibility and troubleshooting with AWS VPC, EC2, tags, Security Groups
PCI Compliance Dashboard
Configurable and extended retention period for data
Network Insight Feature Comparison
VMworld 2017 Content: Not fo
r publication or distri
bution
DEMO
VMworld 2017 Content: Not fo
r publication or distri
bution
APPLICATIONS ARE SOFTWARE.
YOUR NETWORK SHOULD BE, TOO.
#NET2810BU CONFIDENTIAL 27
VMworld 2017 Content: Not fo
r publication or distri
bution
Join VMUG for exclusive access to NSX
vmug.com/VMUG-Join/VMUG-Advantage
Connect with your peers
communities.vmware.com
Find NSX Resources
vmware.com/products/nsx
Network Virtualization Blog
blogs.vmware.com/networkvirtualization
Dozens of Unique NSX Sessions
Spotlights, breakouts, quick talks & group discussions
Visit the VMware Booth
Product overview, use-case demos
Visit Technical Partner Booths
Integration demos – Infrastructure, security, operations,
visibility, and more
Meet the Experts
Join our Experts in an intimate roundtable discussion
Free Hands-on Labs
Test drive NSX yourself with expert-led or self-paces
hands-on labs
labs.hol.vmware.com
Training and Certification
Several paths to professional certifications. Learn
more at the Education & Certification Lounge.
vmware.com/go/nsxtraining
Engage and Learn Experience
Try Take
Where To Get Started
#NET2810BU CONFIDENTIAL 28
VMworld 2017 Content: Not fo
r publication or distri
bution
VMworld 2017 Content: Not fo
r publication or distri
bution
VMworld 2017 Content: Not fo
r publication or distri
bution