Lead Image © hketch, photocase.com

Lead Image © hketch, photocase.com

Microsegmentation with VMware NSX and vRealize Automation

Micro Net

Article from ADMIN 39/2017
By , By , By
VMware's NSX for vSphere platform adds security to microsegmentation, allowing security components to analyze traffic within the hypervisor.

Companies can easily and efficiently validate and control network traffic within the data center through microsegmentation. Microsegmentation is a collection of techniques designed to isolate network traffic through switching and software-defined networking. VMware's NSX for vSphere adds security to software-defined networking and microsegmentation, allows admins to filter network traffic at the level of the virtual machines (VMs) and network cards without installing an agent on the VM.

In traditional environments without NSX, traffic needs to be redirected for security checking using centralized security components that often exist as physical appliances. In NSX, traffic can be analyzed on the hypervisor itself.

NSX also supports automatic creation of logical, software-segregated, VXLAN-based networks, as well as network components such as firewalls, routers, gateways, or VPN endpoints. Automated solutions today reduce the deployment time for such applications from several days to just a few minutes – and with fewer errors, as the need for manual configuration is removed.

Extensive Set-Up Time

To provision both microsegmentation and network automation in the VMware environment, you'll need the vSphere Enterprise-Plus Edition (which supports distributed switches), vRealize Automation Advanced, and Orchestrator products in addition to NSX.

You'll need to start with some preparatory work on the vSphere and NSX side, including:

  • Configuring a distributed switch in vSphere.
  • Installing NSX, which includes preparing of the physical network, configuring VXLAN, defining segment IDs, and defining one or more transport zones.

Once you have completed these preliminary tasks, you can begin the actual work, which consists of:

  • Preparing NSX for vRealize automation
  • Creating an NSX endpoint in Orchestrator
  • Configuring
...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • VMware vRealize Automation 7
    We look at VMware's tool for managing and provisioning cloud infrastructures.
  • New Features in PowerCLI 6.0 R3
    PowerCLI in the current version 6 R3 supports access to nearly all VMware data center and cloud products with around 500 cmdlets, including numerous additional features, APIs, and interfaces. In this article, we show you the most important innovations.
  • Real World AWS for Everyone
    Sure you've heard about Amazon Web Services, but have you tried it? This article shows how to configure a web server and mirrored back-end database for a small-to-midsized business environment.
  • Microsegmentation in the data center
    Microsegmentation promises substantial improvements over classic architectures for the protection of applications and increased security when building out the efficiency of a data center.
  • Successful protocol analysis in modern network structures
    Virtual networks and server structures require additional mechanisms to ensure visibility of data streams. We show how to monitor and analyze network functions, even when virtualization is involved.
comments powered by Disqus