“If your organization is interested in improving the agility, security, and economic efficiency of your networks, ESG Lab recommends taking a close look at VMware NSX.”

ESG Lab recently reached out to the VMware technical product marketing team about the network virtualization and security platform, VMware NSX.  The team at ESG had set a goal of examining the NSX platform to better understand how network administrators in organizations from SMBs to large enterprises leveraged NSX and used tools to aid in the operational aspects of network virtualization.  Many benefits come with modern software tools on better visibility, ease of troubleshooting, and OpEx-related savings related to faster time to resolution for mission critical workloads. ESG wanted to evaluate and consider existing tools as well as newer tools in the VMware portfolio to substantiate these potential benefits.

Application architectures are drastically changing and enterprise networking and IT teams are seeing a shift in the requirements, based on emerging cloud-based architectures.  Since modern business agility drives the network to support new architectures and newer consumption models, and the network is at the center of any IT infrastructure. ESG proposes that network security is top of mind for every organization’s CIO and CTO because secure infrastructure allows the business to have growth.  To have that secure infrastructure leading to growth, extensive tools must be available to operations and administrators allowing for visibility and control of physical and virtual resources, which is the de facto standard when dealing with modern cloud requirements.

ESG began their journey by looking at how many network administrators do their jobs today – using the CLI.  For various reasons, many administrative and operations teams still rely heavily upon this tool, command line interface, when configuring and troubleshooting the network.  Both vSphere and NSX provide CLI tooling that leverages the network administrator’s skillsets who may have only ever managed physical networks in the past.  The NSX Central CLI is a great tool that even goes beyond the typical CLI model where all NSX elements (logical switches, distributed logical routers, firewalls, service gateways, etc.) are accessible from a central location.

Next, ESG wanted to focus on the type of administrator who prefers graphical tools to manage and operate their network resources.  For VMware today in the data center, a powerful visual tool would be vRNI (vRealize Network Insight).  ESG built a proof of concept (POC) network to show and validate visibility and pathing detail for both the NSX components as well as for some the physical network devices (switches, firewalls) in the topology.  Visibility and visualization examples were considered and provided in the full ESG Lab Review report. As an example, VMware vRealize LogInsight with the NSX for vSphere content pack is shown to provide additional value, and our partnership with Gigamon for security and analytics of data traffic were all highlighted.

Additionally, some of the newest NSX tools were tested and validated – Application Rule Manager, Traceflow, and Endpoint Monitoring.  vRNI was used again to diagnosis a specific real-world network issue as well as production application examples of securing and micro-segmenting through automated DFW/Service Composer rules. These capabilities showed ESG labs that VMware exhibits a comprehensive approach when it comes to operationalizing and troubleshooting network virtualization with NSX.

ESG Lab Review Figure 11. NSX Endpoint Monitoring

ESG Lab Review Figure 11. NSX Endpoint Monitoring

Troubleshooting Connectivity with vRealize Network Insight

ESG Lab Review Figure 14. Troubleshooting Connectivity with vRealize Network Insight

To summarize, ESG Lab concluded VMware NSX “provides a simple, scalable, elastic, and highly available network that is more than a viable alternative to traditional hardware-based data center topologies”.   Additionally, some of the newer VMware software tools, like vRealize Network Insight, provide visualization and time to resolution gains above and beyond what traditional network administrators and operations team have struggled to deal and use or even operationalize in years past. Customer validation mentioned in the report includes “increased network throughput ten times,” “time to provision new systems with secure connectivity was reduced by 75%,” “time to implement [new application servers] from 12 weeks to just 20 minutes,” and “reducing the cost of running their application servers by 90%.” To read the full ESG Lab paper providing 3rd party validation of the networking and security benefits with VMware NSX and VMware vSphere cloud management tools – download it here.