Data center News
VMware NSX Gets A Major Micro-segmentation, Scale And Security Boost, Plus New Capabilities For Non-vSphere Environments
Joseph F. Kovar
VMware on Thursday expanded its NSX software-defined network offering with a new version for VMware vSphere environments featuring enhanced security and automation capabilities.
The Palo Alto, Calif. company also made its NSX-T software-defined solution, which targets non-vSphere environments with support for new application frameworks and architectures, generally available.
The new NSX 6.3 for vSphere and NSX-T 1.1 are part of a push by VMware to bring software-defined networking (SDN) to a wider range of environments, said Milin Desai, vice president of products for VMware.
A customer push to improve security, automation, and application continuity in both vSphere and non-vSphere environments, as well as new use cases including end-user computing, virtualized containers, and the cloud, spells opportunity for VMware and its channel partners, Desai said.
"Our vision, in general, is this is where the opportunity for NSX is," he said.
Desai noted that during VMware's full fiscal year 2016 financial report, released last week, the company was able to report that NSX is already a $1-billion-run-rate business with 2,400 customers and 850 production deployments.
VMware's continued development of its NSX software-defined networking technology is consistent with the vendor's overall strategy and in particular its cloud strategy, said Doug Cagle, cloud integration practice manager at Mobius Partners, a San Antonio, Tex.-based solution provider and VMware channel partner.
NSX 6.3 for vSphere is the next step in a natural progression to public, private, and hybrid clouds, Cagle told CRN.
"We've made a big investment in NSX training and boot camps," he said. "We believe VMware's cloud strategy around the software-defined data center, which includes NSX, is one of the best paths to the hybrid cloud model."
Greg Stemberger, technical director for the NextGen networking practice at Iron Bow Technologies, a Chantilly, Va.-based solution provider and VMware channel partner, told CRN that he has seen NSX move from pilot programs to proofs-of-concept, and is now seeing it transition into legitimate product deployments.
"These are not small implementations," Stemberger said. "There is trust in customers who are running it at scale."
Desai said NSX 6.3 for vSphere deployments has received a number of enhancements several key areas.
On the customer experience side, NSX 6.3 now integrates with vCloud Air Network, making it a more suitable offering for hosting partners, Desai said.
NSX enables businesses to scale more quickly than in the past, with upgrades not taking but two to five minutes compared to between 15 minutes and 20 minutes in previous editions. "This reduces the time needed to reboot the host and get things up and running," he said.
NSX 6.3 also scales much better and offers a significant performance boost in multi-tenant environments compared to earlier operations, and takes advantage of VMware vRealize Network Insight (VRNI), which provides management and intelligence to software-defined data center environments, he said. VMware VRNI came from VMware's acquisition last year of Arkin.
"For the channel, VRNI provides a great pre-assessment tool," he said. "Customers with vSphere can run it for free to get a GPS-like view of data center networking flows. This helps partners talk about NSX and how it will work in their environments."
VMware is also delivering on new use cases with NSX 6.3, Desai said.
The company is in the process of applying for compliance with most key security standards including FIPS-140, Common Criteria EAC-2 and ISCA corporate firewalls, he said.
NSX 6.3 also includes features that enable micro-segmenting, including an application rule manager that makes it easy for partners to help clients decide which part of their infrastructure to micro-segment, Desai said.
"Customers can look at the applications, decide what to micro-segment, and set the rules," he said. "Channel partners can not only sell NSX but also get customers going with micro-segmentation. That will make it easier to go back after the sale and add things like disaster recovery."
Customers can also use NSX 6.3 to scale virtual desktop infrastructure deployments to up to 50,000 desktops, and indeed one large business has already done so with the technology, Desai said.
Because NSX integrates easily into solutions like VMware Site Recovery Manager (SRM), partners can host disaster recovery centers to provide disaster recovery-as-a-service, he said.
For clients with remote office and branch office requirements, VMware is introducing a new pricing model based on the number of virtual machines in an office, he said. The new ROBO SKU is sold in 25-packs at a price of $500 per virtual machine, which Desai said aligns with vSphere pricing.
VMware on Tuesday also said it is bringing its NSX-T solution into general availability as a way to bring the company's SDN technology to non-vSphere environments.
NSX-T 1.1 has expanded KVM and VMware Photon container support, as well as support for new application frameworks including Container Networking Interface (CNI), Desai said.
"NSX is still under-penetrated in the existing vSphere market, where we've barely scratched the surface," he said. "But there's also a big opportunity to engage with larger enterprises looking at new applications or who want to set up their own hypervisor."
While NSX-T does not have the same core capabilities of NSX for vSphere, it does provide management of Layer 2 switching, routing, and firewalls that can be integrated into open frameworks, he said.
The combination of NSX 6.3 for vSphere and NSX-T provides an SDN platform that lets businesses cover their entire infrastructure, Mobius Partners' Cagle said.
"Everybody has the same security and other needs," he said. "It's important to customers small and large. VMware, in how it packages its solutions, has the features and editions to let customers choose what they need."
The new micro-segmentation capabilities of NSX are going to be a winner, Iron Bow's Stemberger said. "There's a big difference between pilot and production environments," he said. "Customers need to wrap security around 1,000 or more virtual machines. So I'm excited about the micro-segmentation enhancements, and the integration with VRNI. Out of the box, a lot of the work with NSX needs to be done manually. VRNI integration plus NSX 6.3 equals a lot of automation."
Mark Haranas contributed to this story.