
Network Challenges? VCF 5.2’s New Network Assessment Can Help 

Discover the value of VMware NSX networking for your private cloud; assessment now available in VMware Cloud Foundation 5.2

We are delighted to announce the availability of the network assessment capability in the latest release of VMware Cloud Foundation Network Operations (also known as VMware Aria Operations for Networks) 6.13. 

VCF Network Operations 6.13 is part of VMware Cloud Foundation 5.2.

VMware Cloud Foundation (VCF) is known for simplifying the path to an agile private cloud, integrating compute, storage, networking, and management into a unified software-defined private cloud platform. It addresses critical IT challenges including operational complexity, scalability, and security—providing a comprehensive solution that empowers IT teams to focus on strategic projects instead of repetitive tasks.

In this blog post, we dive into what the Network Assessment is, its significance, and how it addresses the challenges of today’s data center networks.

Network assessment provides a customized view of how VMware NSX networking can help customers scale and optimize their private cloud network with agility. Network virtualization is essential to cloud infrastructure, which is why NSX is built into VCF.

What is the Network Assessment in VCF? 

The assessment provides a customized analysis using real application network traffic in your data center environment. It’s an easy-to-use dashboard in the VCF Network Operations user interface to understand and demonstrate how NSX, in conjunction with VCF Network Operations, can provide granular visibility into network issues and improve application performance. 

Let’s look at each of the five major sections presented in the assessment. 

Figure 1: Main assessment dashboard as seen in VCF Network Operations for VCF 5.2

1. Key Networking Recommendations for VCF

VCF Network Operations analyzes traffic flow patterns for a vCenter to discover potential network issues, and recommends ways to optimize your data center. It provides an inventory view of the number of VLANs, VMs configured, and hosts in the vCenter environment. It shows the various network traffic profiles in the environment and where NSX can localize and optimize traffic forwarding paths within and across hypervisors, enabling more effective use of physical network resources and improving application performance.

2. Network Performance Visibility with NSX

VCF Network Operations provides network performance visibility with a rich array of metrics. Beyond knowing the top talking hosts and VMs in the environment based on traffic volume, latency visibility is vital for troubleshooting network latency issues. With NSX, latency metrics from across the network help quickly determine whether a problem is in the underlay or the overlay to achieve a faster mean time to resolution (MTTR).

In addition, crucial metrics for proactive application performance monitoring such as Round Trip Time (RTT) and Retransmit Count are available with the addition of the VMware vDefend Firewall add-on. NSX offers detailed insights into the exact nature of packet drops such as unsupported destination/protocol, firewall policies, IPsec policy error/blocked, duplicate address detected, and fragmentation.

3. Network Optimization with NSX

Figure 2: Path Optimization with NSX: Hairpinned Path Topology Vs. Path Topology with NSX 

When traffic from the source traverses different switches through the fabric or the Internet and comes back to a destination on the same host as the source, it is classified as hairpinned traffic. Using flows and configuration interpolation capabilities, the assessment determines the top traffic flows categorized as “hairpinned” in the environment. The report explains how using NSX can help resolve the hairpins and optimize E-W traffic. With NSX distributed routing, traffic within a host is routed without going to the physical switch or the fabric, thereby eliminating hairpinning. NSX reduces load on the underlay and accelerates application performance.

4. Application-centric Networking with NSX

Figure 3: A view of the overall network traffic flows grouped by VLAN/VXLAN/Overlay – useful for VPC planning

The report provides a topology view of how Layer 2 and 3 networks interact in the data center in the absence of isolation or customization abilities. Using NSX Virtual Private Clouds (VPCs) to create self-contained networks, applications can be easily segmented to provide isolation, customized networking and a self-service consumption model for application users to create networks, security and services. VPCs simplify network consumption in the private cloud, delivering a true cloud operating model with support for multi-tenancy, resource isolation, automated provisioning, dynamic scaling and more.

5. Crown Jewels Isolation with NSX VPCs

Important applications in a data center should be isolated and in many cases blocked from the Internet. For the assessment, customers can either identify these “crown jewels” themselves or have them auto-picked based on flow analysis.

Figure 4: Crown Jewel Analysis – Topology View shows the total connected entities to the crown jewels, reachability score, incoming flows, total incoming traffic, and more

The reachability score gives an estimate of how far the Crown Jewels are from various entities and possibly how many lateral moves are required by an adversary to reach the Crown Jewels. The score helps identify potential risks to a Crown Jewel in case of a security breach. The results identify cases where the internet is talking to Crown Jewels directly or indirectly. This info helps admins appropriately protect their Crown Jewels using VPCs.
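To make the idea of a reachability estimate concrete, here is an added example (not VMware's code and not the product's scoring formula) that treats the minimum number of chained observed flows to a crown jewel as a stand-in for lateral moves, and reports whether the Internet reaches it directly or indirectly. The flow records, entity names and the hop-count measure are all assumptions made for illustration.

```python
from collections import deque

# Constructed flow records (source, destination); every name is hypothetical.
FLOWS = [
    ("internet", "web-01"), ("web-01", "app-01"), ("app-01", "db-01"),
    ("jump-01", "db-01"), ("web-01", "cache-01"), ("internet", "vpn-01"),
    ("vpn-01", "jump-01"), ("backup-01", "nas-01"),
]

def hops_to_crown_jewel(flows, crown_jewel):
    """Reverse BFS over observed flows: for each entity that can reach the
    crown jewel, the minimum number of flows it has to chain to get there."""
    inbound = {}
    for src, dst in flows:
        inbound.setdefault(dst, set()).add(src)
    hops = {crown_jewel: 0}
    queue = deque([crown_jewel])
    while queue:
        node = queue.popleft()
        for src in inbound.get(node, ()):
            if src not in hops:          # first visit is the shortest path
                hops[src] = hops[node] + 1
                queue.append(src)
    del hops[crown_jewel]
    return hops

def internet_exposure(flows, crown_jewel, internet="internet"):
    """Classify how the Internet node relates to the crown jewel."""
    hops = hops_to_crown_jewel(flows, crown_jewel)
    if internet not in hops:
        return "isolated"
    return "direct" if hops[internet] == 1 else "indirect"

def direct_talkers(flows, crown_jewel):
    """Entities one hop away: the flows an isolation policy must decide on."""
    return sorted({src for src, dst in flows if dst == crown_jewel})

if __name__ == "__main__":
    for jewel in ("db-01", "web-01", "nas-01"):
        print(jewel, internet_exposure(FLOWS, jewel),
              hops_to_crown_jewel(FLOWS, jewel), direct_talkers(FLOWS, jewel))
```

A low hop count from the Internet node, or a long list of direct talkers, marks the crown jewels whose inbound flows deserve review first when planning isolation.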

Last but not least, users can click on the ‘Generate Report’ button to download a PDF report of the network assessment and optimization results. The document provides an executive summary of the network inventory in vCenter and performance optimization recommendations. The report can be shared internally to gain important, actionable insights based on the custom network assessment. To see a complete sample report, click here.

Getting Started with the Network Assessment

Existing VCF on-premises customers who have not activated NSX can get started on the assessment by deploying or upgrading to VCF Network Operations 6.13 from the Broadcom Support portal. The minimum configuration necessary for the assessment consists of a single node, collector, and vCenter. 

Non-VCF customers can partake in a 90-day free trial of VCF. See here for more details.

Summary

NSX brings the simplicity and agility of the cloud operating model to networking in VMware Cloud Foundation private clouds. Network performance is a key factor in ensuring that your core applications and services are functioning at peak performance and employees can work at optimum efficiency.

The Network Assessment provides insights into how NSX helps with the following:

  • Reduce hairpinning, enabling more effective use of physical network resources and improving application performance.
  • Optimize traffic forwarding paths by localizing traffic and reducing the routed traffic.
  • Gain visibility into application latency and simplify troubleshooting across physical and virtual networks.
  • See how VPCs can enable isolated, self-contained networks for developers to host applications and consume networking and security objects in a self-service fashion.

We invite you to explore the new network assessment capability in VCF Network Operations 6.13 and see how it can optimize your network performance, streamline operations, and bolster security. 

Engage with your account team today to learn how VCF Networking as a whole can help simplify networking, streamline network operations, reduce time-to-market, and accelerate application performance in your private cloud. 

Additional Resources

VMware NSX

VCF Network Operations 

Blog: Networking Enhancements in VCF 5.2