VMware NSX, or network virtualization, is VMware’s solution to connecting multiple networks into one large, virtual network that makes the most efficient use of the available resources. While this may sound complex and confusing, it’s actually quite simple and easy to understand once you break it down into its most basic components and see how they work together. This cheat sheet will show you how to make sure your VMware NSX implementation runs efficiently and as smoothly as possible.
- Company Size – VMware NSX is designed for companies of all sizes.
- Topology – The software can be deployed in a variety of topologies, including data center bridging, layer 2 switching, and layer 3 routing.
- Protocols – NSX supports a variety of protocols, including Ethernet, IPv4, and IPv6.
- Bandwidth – The software can be configured to support various bandwidth requirements.
- Scalability – VMware NSX is highly scalable and can be deployed in environments with thousands of nodes.
- Availability – The software is designed to provide high availability and can be deployed in redundant configurations.
- Security – NSX provides security at the hypervisor level by providing firewall protection, application-aware firewalls, intrusion prevention systems (IPS), malware detection and more.
- Management Tools – VMware has built an entire suite of management tools that are specifically tailored to managing an NSX environment, including vCenter Operations Manager (for monitoring), vCloud Automation Center (for lifecycle automation), vRealize Log Insight (for log analytics) and others.
- Software Integration – The integration between VMware NSX and other products in the portfolio makes the deployment process more efficient by leveraging features such as API integration, micro-segmentation across platforms, nested virtualization between ESXi hosts using VM cloning technology (vSphere Data Protection) and more.
- To configure VMware NSX, you’ll need to log in to the vSphere Web Client and navigate to the Network & Security tab.
- Click on the NSX Edges tab and then click the Add button.
- Enter a name for your new edge and select the datacenter where it will be deployed.
- Choose whether you want to deploy a full or compact edge appliance and select the appropriate size.
- Select the type of edge gateway you want to deploy: transit, perimeter, or other.
- Configure the network settings for your new edge appliance and then click Finish.
- Your new VMware NSX Edge appliance will now be deployed and ready for use! 8. You can see your new edge’s IP address under the Administration > Deployments tab on the left-hand side of the window. 9. Use this IP address as your external connection when connecting to your VMware NSX management console from another device outside of your data center (e.g., if you’re using SSH).
- From here, create a logical switch by clicking Create Logical Switch at the top-right corner of the screen and following steps three through five above for each logical switch that you would like to create for each tenant network in order to connect their networks together.
Network Services Architecture
The NSX network services architecture enables organizations to deploy, manage, and connect virtual machines and containers in a private data center or public cloud environment. With NSX, you can create and delete virtual networks on demand, without reconfiguring physical switches or routers. Plus, NSX provides built-in security features to help protect your applications and data. Here’s a quick overview of the key components of VMware NSX NSX Controller – Provides a single point of control for all functions in the system.
NSX Manager – Manages policy changes and general operations for controllers, edge gateways, DLR appliances, and other components in the system.
VMs with Virtual NICs – Provide connectivity from any location to any other location.
Edge Gateway – Located at the perimeter of your NSX infrastructure and serves as an entrance point into your datacenter from external systems such as internet facing web servers or remote users accessing local desktops through RDP (Remote Desktop Protocol). Edge Gateways can also be configured as stateful firewalls for more granular security options than what is available with traditional router filtering rules.
If you’re looking to get started with VMware NSX, this cheat sheet will help you understand the essentials. NSX is a network virtualization platform that enables the creation of virtual networks. With NSX, you can create virtual machines, routers, switches, and load balancers. You can also create security policies and NAT rules. The six key components are ESXi hypervisor hosts, Distributed Virtual Switch (DVS), Logical Switch (LS), Transport Zone (TZ), Edge Services Gateway (ESG), and Security Groups.
The ESG sits in front of the TZ where it provides SSL offloading, anti-virus scanning, URL filtering, malware protection, intrusion prevention system protection and packet inspection. The Edge Services Gateway acts as a gateway to external networks by managing traffic between them. You can use VLANs on either side of an NSX device for segmentation or you might want to use routing instead if your goal is redundancy.