Author Archives: Dwayne Sinclair

IMO
1

What Micro Segmentation Is Not…

NSX-vSphere Micro Segmentation Review

NSX for vSphere has a compelling use case around Micro Segmentation –

  1. The ability to orchestrate the provisioning of new Layer 2 and Layer 3 application networks via API in a matter of seconds using VXLAN as the overlay technology allowing networks to be created for each application segment on demand. There are numerous benefits in doing this but the big one is this really simplifies the mobility of applications for BC/DR purposes… Easy to move the application and its dedicated network vs dealing with the complexity of splitting Layer 2 networks that support many applications.
  2. The ability to isolate VM’s from each other using customer defined business attributes or vCenter attributes independent of the network topology using Layer 4 Stateful firewall policy. Even with VM’s on the same network segment as each other, Layer 4 Stateful firewall policy dictates how these VM’s should communicate with each other and to the outside world… If you want complete isolation of VM’s on the same network as each other, this is easily accomplished with Layer 2, 3, or 4 security policies.
  3. The ability to apply static or dynamic policy based on changing security conditions within the infrastructure. As example, a virus is identified or intrusion detected will automatically firewall protect the infrastructure from the compromised VM.
  4. Using 3rd Party extensibility, ability to extend native Layer 4 Stateful inspection to Layer 7 Deep Packet Stateful inspection…
Read More
301, Installation
0

NSX Installation and VUM/EAM Requirement

An NSX installation requires vSphere Update Manager (VUM) to facilitate the deployment of VIB modules to the Hypervisors. In environments where VUM is not deployed, the following KB article details how to bypass VUM and use VMware ESXI Agent Manager (EAM)…

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2053782

Read More
Management
0

VMworld 2015 Review – Arkin.Net

As a Lab Captain for Hands On Lab HOL-SDC-1625, most of my time at VMworld this year was focused on supporting our NSX Labs. Fortunately, we were located in the same building as the Solutions Exchange so it was a quick dash to the showroom floor to see the latest and greatest technologies VMware and partners have to offer.

I have worked with many network management platforms over the years and one of the common complains with all management platforms is the User Interface and being able to integrate both physical and virtual aspects of infrastructure in a single view. Arkin is a new company with a management UI that is unlike anything in the marketplace today. Arkin’s “Visibility and Operations Center” has one of the finest infrastructure management UI’s I have ever seen, and provides an example of how managing virtual and physical infrastructure in a single view is possible…

Read More
201
0

NSX-vSphere 6.2 VIB’s and VXLAN Troubleshooting

The following KB article details VXLAN troubleshooting but note the change to the location of the NSX-vSphere 6.2 VIB’s…

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2124894

In NSX 6.2 and later, VIB’s now have a unique directory:
https://NSX_Manager_IPaddress/bin/vdn/vibs-6.2.0/5.5-2926818/vxlan.zip

 

Read More
Geeking Out
0

VMware Extensible Debugging Tool for EPSec and NetX

VMware has a number of Engineering Tools available called “Flings” built by VMware engineers that are intended to be played with and explored as technical previews or simple diagnostic tools…

https://labs.vmware.com/flings?cat=1

The following tool is a debugger for EPSec and NetX implementations…

https://labs.vmware.com/flings/extensible-debugging-tool-for-epsec-and-netx

Enjoy!

Read More
1 2 3 4 5 6 16