The newest release of vRealize Network Insight and the Network Insight Service include a number of great new features. We are supporting several new scenarios for Amazon Web Services (AWS) customers. Another new feature is Infoblox Grid Manager integration (coming soon to the Network Insight Service) to enrich physical NetFlow data. Network Insight provides better visibility into system health, where problems are quickly brought to your attention. Upgrades and cluster extensions are now a few simple clicks, making it a no-brainer to expand and update your install. In this post, I’ll focus on a few of the key features for this release.
VMware added support for native AWS entities, EC2 VMs, security groups, VPCs, tags, and flow traffic in the 3.4 release. This provided the ability to understand and plan application security for AWS workloads. Since that release, we’ve also given you the ability to view and troubleshoot security groups and firewall rules in AWS. For the new release, flow traffic is analyzed where overlapping IP addresses and CIDRs are configured among VPCs. Furthermore, VPC peering is supported within and between AWS accounts. This includes visibility for primary and secondary subnets within VPCs. The result is source and destination flow details, workload details, and AWS managers, within and between VPCs that have identical CIDRs or have peering configured, are all visible. The release also adds support for the same level of flow and workload details in hybrid application scenarios using the native AWS VPN and VMware NSX IPsec VPN. Notice in the screenshot, we can see two different workloads in different VPCs, which share the same IP address and CIDR. These flows and object details can be used for micro-segmentation planning, application rationalization, or general troubleshooting.
In the 3.6 release, late last year, VMware introduced physical NetFlow collection to Network Insight. NetFlow data lacks the configuration and naming metadata gathered and displayed in Network Insight with IPFIX flows. For example, I can look at IPFIX flows in Network Insight and see a wealth of information about workloads, overlay network entities, and associated flow traffic or look at an ESXi Host and see associated flow traffic. Network Insight owes that experience to the integration with VMware vCenter and VMware NSX. To bridge that gap, the product provides the option to import BIND or CSV files and “enrich” flows with domain and host details. The ability to add vLAN data was included as well. For the new release, Infoblox support is provided for physical Netflow data. As a result, I can search, plan security, and build applications based on domain information collected from Infoblox. Plus a new DNS provider object is available making it easy to find all flows matched to DNS A records from Infoblox. An example of the DNS Provider Infoblox information within a flow is displayed in the screenshot. Also search can be used to find flows associated with a specific DNS provider.
A few other enhancements include support for analyzing up to 4 million flows within the planning and flow UIs. Previously Network Insight supported 2 million flows. This is a tremendous increase over the previous version of the product. Other enhancements include support for up to 60,000 VMs in the Network Insight Service. Clusters can be created and expanded with a few clicks in the UI. Additionally we offer a centralized upgrade option for single and multi-node installations. Simply upload a single update package and Network Insight will update all platform and proxy VMs. Another new feature gives organizations the option to leverage LDAP compliant groups for authentication and authorization in Network Insight. Choosing whether to authenticate users, if they belong to a specific group or not, becomes an easy option. Finally, Sixty-one new system health events were added, including new overall system, platform, proxy, and data source dashboards to help you quickly identify problems and keep the data flowing.
Stay tuned for more updates in the near future!
