VMware Launches NSX-T 3.0
VMware’s popular software-defined networking and security platform NSX-T is being revamped with the launch of NSX-T 3.0, which became available for channel partners to sell Wednesday.
“We are the industry’s only complete Layer 2 to Layer 7 stack solution with a single code base, single policy, single control point and a single scale-out platform—that’s very powerful and very unique,” said Umesh Mahajan, senior vice president and general manger of NSX networking and security at Palo Alto, Calif.-based VMware, in a briefing with analysts and media. “With almost a single API, we can deploy the workload, provide network connectivity, security and load balancing. This is what our customers are finding really powerful with the NSX platform.”
NSX-T offers software-defined infrastructure for building cloud-native application environments and supports network virtualization stacks for Docker, Kubernetes, OpenStack and Amazon Web Services native workloads, to name a few. The platform supports different hypervisors with a focus on cloud-native apps, bare-metal workloads, containers and multi-cloud environments.
CRN breaks down the five most important new features and functionalities in the platform.
NSX-T 3.0 For 5G
NSX-T 3.0 includes new features such as Level-3 EVPN (Ethernet Virtual Private Network) for better virtual machine (VM) mobility, multicast routing for scalable networking, and accelerated data plane performance.
Tom Gillis (pictured), senior vice president and general manager for networking and security at VMware, said the company is witnessing a “strong uptick” in the telecommunications space. “Eight of the 10 largest telcos in the world have adopted NSX as we see an increasing demand for that driven by the move toward 5G,” Gillis said.
VMware’s NSX-T 3.0 with SD-WAN acts as an intelligent overlay in conjunction with 5G’s network underlays to deliver more cost-effective, application-aware services at the network edge. NSX-T is a critical piece of VMware’s Virtual Cloud Network that allows operators to build scalable networks to support 5G and large edge computing environments. The platform plays a key role in accelerating network performance and efficient end-to-end network operations in the network core, serving as a software-defined networking layer for virtual network functions.
The new NSX-T 3.0 includes NSX Federation, which enables enterprises to deliver a cloud-like operating model with fault isolation zones and global policies that are synchronized across all locations. A fault isolation zone allows customers to better ensure that networks aren’t brittle. With NSX Federation, customers will now be able to contain any network problems to a single zone, minimizing the severity and impact of problems when they arise. With the increased adoption of cloud computing and need to support digital transformation, there’s a high demand for enhanced data center network agility and business continuity offerings like NSX-T 3.0, according to VMware’s Mahajan.
Comprehensive Threat Protection
VMware is injecting its intrusion detection and prevention capabilities into NSX-T 3.0. NSX Distributed IDS/IPS takes advantage of VMware’s understanding of the services that make up applications to match IDS/IPS signatures to specific parts of the application. NSX Distributed IDS/IPS signatures are application- specific and only applied to the appropriate servers, resulting in fewer false positives and significantly higher throughput. VMware’s Mahajan said these new NSX-T 3.0 capabilities enable efficiency and flexibility that can’t be matched by legacy and proprietary hardware-defined systems and is a major differentiator of NSX’s software-based scale-out approach.
NSX-T 3.0 Bolsters Tanzu Kubernetes Push
VMware recently made its new Tanzu Kubernetes portfolio available to the world. The company’s new Kubernetes container platform and integration of its container orchestrator into vSphere will be elevated with NSX-T 3.0, said VMware’s Mahajan. The new NSX-T 3.0 enables enterprises to extend their container networking services—including switching, routing, distributed firewall, micro-segmentation, and load balancing—to the newly released VMware vSphere with Kubernetes and VMware Cloud Foundation 4 platforms, VMware’s Tanzu portfolio, and non-VMware Kubernetes platforms.
“Today in the container world, people have to [work] across multiple open-source elements, stick them together and make it work. Our NSX stack has all the features, all the functionality in a single place,” said VMware’s Mahajan.
Applications and microservices run on a wide variety of endpoints such as VMs, containers and bare- metal servers, which can create a challenge to consistently connect and secure them. Mahajan said NSX-T 3.0 treats containers and VMs as “first-class citizens.”.
NSX-T 3.0 Supports New vRealize Network Insight 5.2
In addition to NSX-T 3.0, VMware Wednesday unveiled vRealize Network Insight version 5.2. VMware’s vRealize Network Insight will now support NSX-T 3.0, available as on-premises software or Software as a Service.
VMware vRealize Network Insight 5.2 includes new flow-based application discovery, leveraging unsupervised learning, enriched network flows and advanced application labeling algorithms to discover application and tier boundaries. These new features provide insight into network communication density, application patterns and enhanced security recommendations. Other enhancements with vRealize Network Insight 5.2 include AWS Direct Connect support, VMware SD-WAN application and business policy statistics, and enhanced Kubernetes visibility.
“This literally is taking the load off of IT [administrators] that had to manually configure these and put it in this machine-learning algorithm,” said Sanjay Uppal, senior vice president and general manager of VMware’s SD-WAN VeloCloud business unit. “Now, within the space of a few minutes or hours, we can tag all the traffic that is going across.”
The vRealize Network Insight 5.2 platform offers end-to-end network visibility and analytics to optimize network performance and troubleshoot the entire Virtual Cloud Network—including the virtual overlay and physical underlay—spanning data centers, multi-cloud environments and remote office or branch locations. “Now what you can do, for a transaction that you have from the LAN of the branch all the way to the data center, you can segment it out and say, ‘How much of your latency budget was spent in the LAN versus the WAN versus the data center?” said Uppal.