The September release of Network Insight brings a number of great new features focused on NSX-T, Pinboard personalization and sharing, a new SaaS datacenter location, page Auto-refresh, and a number of other new features. For this post, I’ll provide an overview of the top new features available in this release.
VMware is providing expanded NSX-T support, including the ability to collect IPFIX from distributed firewalls (DFW). Adding IPFIX support for the parts of an environment using NSX-T will allow you to plan and implement a micro-segmentation strategy and rationalize applications just as we’ve done with NSX for vSphere, the vSphere Distributed Switch, and Physical NetFlow. This release offers full visibility of VM-to-VM paths traversing NSX-T, underlay networking, router ports, and entities along the path. The screenshot below shows a path between an NSX for vSphere installation and NSX-T. With the addition of VM-to-VM paths for NSX-T, Network Insight helps to facilitate implementation and migration to NSX, improved management of multi-site NSX installations, and provides a comprehensive look at the general health of your NSX-T install. In addition to the path and flow support, we added and expanded the NSX-T entity dashboards, which I’ll cover below. For multi-site NSX installations, Network Insight will now make Universal Firewall rule recommendations that can be imported into NSX to implement your micro-segmentation strategy across multiple sites.
Applicable firewall rules are available within the path screen for NSX, including Edge and DFW rules. Checkpoint or Palo Alto rules will also appear in the path once those datasources are added.
NSX-T properties, including installed version and associated Compute Managers are available. The NSX Entity Overview provides high level details about the installation. Clicking the blue number for each entity opens a summary page for those items and the option to click into each entity for more detailed dashboards. Tier 0 and 1 router configurations, top flows, and events related to the object are presented as you scroll down the page.
As an example, selecting a router tier opens the router dashboard. The dashboard includes an L3 topology, properties, events, and configurations. You can use the time machine, just like other parts of Network Insight, to view the entity at a certain point in time. Each NSX-T entity dashboard offers detailed information presented in widgets that can be pinned to a Pinboard. I’ll cover Pinboards next.
This release allows you to create custom Pinboards from queries or widgets and share them with other Network Insight users. Think of Pinboards as a way to save commonly viewed queries and widgets in a single location. You can also control whether the Pinboards are view only or able to be edited. The Pinboards creation process is very straightforward. Widgets throughout the product include a pin on the top bar. In a few minutes very useful Pinboards can be built by pinning widgets. You only need to click the pin on a widget and the option to create a new Pinboard or add the widget to an existing Pinboard is presented. Once the Pinboard is created, you can share the fruit of your labors with local or LDAP defined users for the on premises product or authenticated users for the SaaS version. Examples of Pinboards that could be built, include commonly viewed widgets for applications and their associated overlay and underlay networking configurations, compute details, metrics, network traffic outliers, micro-segmentation planning, flow details, firewall status, and many more. Nearly all widgets in the product can be pinned easily to a Pinboard and shared with other users. Pinboards can be exported to PDF and shared with users as well.
Pinboard access has shifted to the main menu bar on the left. Here you will find a library consisting of the default pinboard and custom pinboards you have created or have been shared with you.
Dashboards and pinboards can be set to automatically refresh in this release. Auto-refresh is configured system-wide and on an individual dashboard or pinboard basis. This will allow users to have important details available for quick access to data and is very handy for daily operational needs. To access the auto refresh setting click the down arrow next to the timeframe. You can modify the refresh time up to 30 minutes, pause Auto-refresh, or disable it completely.
I’m frequently asked about whether our new features are available for both versions of Network Insight. The enhancements I’ve written about are the same for the on premises and SaaS versions. vRealize Network Insight and the SaaS version offer a parity feature-set and scale options, which is unique among products in this space. You are using the same product whether you choose to let VMware manage your installation or keep it in your datacenter. Since we’re on the topic of SaaS, a London datacenter is now available, which offers data locality for parts of Europe. Panorama 8.1 support was added for Palo Alto environments as well.
VMware continues to lead the market for software defined networking and micro-segmentation. Stay tuned for an upcoming post on using Network Insight with vSphere to plan your NSX and micro-segmentation implementation.
