Using NSX and Log Insight together
At VMware, we’ve noticed that a lot of users are choosing to use NSX and vRealize Log Insight together. Now, we all know that Log Insight is a great tool for delivering visibility based on the unstructured data that all digital systems leave behind (most of which are log files). This is especially true for NSX. NSX, as you know, has several important pieces, including the management UI, the controller, the end-point nodes, and the VIBs. By collecting logs from NSX and its constituent parts, you can deliver a radically improved visibility into your network.
How so? First, you’ll be able to get a better understanding of what your distributed firewalls (DFWs, for you hipsters) are doing. Getting your firewall rules right can be a bear. With NSX and Log Insight, its possible to see which rules are firing and debug those rules. This would allow to solve those nasty firewall problems a lot soon. Like when a port gets shut off for no reason. Using Log insight, you’ll be able to see what rule was triggered and why the particular port was shut down.
Second, using a collector like the one from our friends at Netflow Logic(and the related content pack), you can get a high-level view into your network, and see which connections are generating the most traffic, also known as the “top talkers”.
Micro-segmentation: The Killer Use Case
The advantages a software-defined data center, using network virtualization as a core underpinning, include service delivery speed, operational efficiency, reduced hardware dependency and lower cost. However, by far the most popular use case by customers thus far has been the use of NSX for network micro-segmentation, or the practice of building out smaller, contained virtual networks on top of the physical networks. Why are people doing this? Because perimeter-centric network security has proven insufficient, and micro-segmentation has to date been operationally and economically infeasible. With NSX, security teams, in partnership with their network and virtualization teams, are benefiting from network micro-segmentation to begin to transform their data center security architecture. For a better description of Micro-segmentation, see Rod Stuhlmuller’s interview here: http://blogs.vmware.com/networkvirtualization/2014/06/micro-segmentation-vmware-nsx.html
VMware NSX™ is the network virtualization and security platform for the software-defined data center. NSX brings virtualization to your existing network and transforms network operations and economics. – See more at: http://www.vmware.com/products/nsx
About Log Insight
VMware vRealize™ Log Insight™ delivers real-time log management for VMware environments, with machine learning-based Intelligent Grouping, high performance search and better troubleshooting across physical, virtual, and cloud environments. – See more at: http://www.vmware.com/products/vrealize-log-insight/