Reviews (1-2 of 2)
July 16, 2019
Score 10 out of 10
We are using VMware NSX for network security and management across 3 vCenters, two of which are VDI. It has allowed for micro-segmentation, native load balancing, firewalling for our servers, and broadcast suppression for a highly scalable VDI environment. It has provided simplified management and security. It has also allowed us to deploy new load balancers faster than a purchase order could even be cut, and allowed for much more dynamic security design. It has also provided the ability for us to move towards a much greater software-defined data center environment, which has allowed for greater flexibility in the future.
- Broadcast Suppression: By suppressing broadcast traffic, we have been able to deploy a single VDI network in a /18 network space, allowing for rapid growth and proper DHCP lease timing for a VDI instant clone environment.
- Networking HA: Leveraging internal mechanisms for high availability, it provides disaster resiliency to a virtual networking environment.
- Cost Savings: All available features of NSX are licensed simultaneously. Load balancers, firewalls, and routers are all licensed as features, not per object, allowing for the deployment of as many of these objects as are needed.
- Firewall rules can break all communication. If a rule is improperly written, it can block all communication to the hosts, vCenter(s), and NSX components, requiring lengthy recovery times.
- If NSX components break, it can break the entire system if it is not properly designed. No components are required to manage NSX which should exist behind NSX networks, just like no vCenter components should exist behind vCenter objects (VVols, VSAN, DVS).
Read Christina Harding's full review
With proper design, VMware NSX can and should be deployed to virtually any VMware virtualization environment, but the deployment should be tailored to the needs of that environment. There isn't really a one size fits all deployment design for all environments. That versatility is what provides its greatest strength to a business.
Score 9 out of 10
VMware NSX is being used in our high-security environments that require end to end encryption and micro-segmentation between endpoints. This was a challenge that I haven't seen another solution too besides rewriting applications which isn't always possible or reasonable. It's not widely used because of the steep price tag compared to some alternatives but has its place in the high-security environments we have deployed in several data centers.
- End to end encryption on the wire.
- Integrates well with existing VMWare environment.
- Integrates well with our existing network.
- Our biggest challenge is gaining acceptance from network engineers who are used to working with other technologies.
Read this authenticated review
Our high-security environments require end to end encryption, but also tend to have larger budgets. Since beginning utilization of VMware NSX, we've been able to meet the unique requirements for our high-security clients, but it does have a large price tag that goes along with it. This isn't a particularly well-suited solution for environments with tighter budgets, but it definitely provides security where we need it and are willing to pay for this solution.