In our most recent Twitter chat, we were joined by Vivek Bhandari, Varun Santosh, and Srini Nimmagadda to answer common questions about NSX-T 3.2, its benefits, how it works, and more. Dive in below for the full recap of our NSX-T 3.2 #VMwareNSXChat.
Question 1: If you had to describe NSX-T 3.2 to a friend using just one sentence (or using just 280 characters) what would you say? #VMwareNSXChat
Varun: Stronger security, simplified networking, easy operations – what’s not to like #VMwareNSXchat!
Vivek: It’s like going from a flip phone to a touch screen smartphone. Gamechanger! #VMwareNSXChat
Question 2: What are the key Networking and Policy enhancements? #VMwareNSXChat
Varun: NSX-T 3.2 simplifies network provisioning thru prescriptive NSX deployment from vCenter, deeper integration with Antrea, Federation support for VM tag replication, enhanced migration coordinator, and enhanced monitoring and troubleshooting. #VMwareNSXChat
Question 3: What are the key security enhancements? #VMwareNSXChat
Vivek: NSX-T 3.2 is a quantum leap forward bringing advanced security in a distributed architecture. It now includes network traffic analysis (NTA) and network detection and response (NDR), malware prevention with sandboxing, L7 gateway firewall, and more. #VMwareNSXChat
Vivek: Of particular interest to VMware customers is the distributed firewall support for VDS workloads, and the new vCenter plugin to easily deploy and manage advanced network security for vSphere environments. #VMwareNSXChat
Srini: Enhancements to User Identity based access controls and L7 Application Identity based access controls are quite valuable to the customers as well #vmwarensxchat
Question 4: What are the benefits of those enhancements? #VMwareNSXChat
Vivek: Operational simplicity with the tapless NTA and integrated NDR capabilities! No need for network changes, no need to do network tapping! Abilityto activate advanced security across all east-west traffic at cloud scale is what this architecture delivers! #VMwareNSXChat
Vivek: Distributed firewalling support for VDS and the vCenter plugin for NSX dramatically simplifies the customer experience #VMwareNSXChat
Srini: While micro-segmentation is amazing at reducing the attack surface compared to perimeter-only defenses, modern enterprises need to understand which attacks are propagating within the network at any given point of time #VMwareNSXChat
Srini: NSX now delivers advanced threat detection and prevention capabilities, along with NDR in order to help security teams get full visibility on the attacks within the network #VMwareNSXChat
Srini: Here are the list of enhancements we’re referring to
Question 5: How does NSX-T 3.2 help defend against #ransomware attacks? #VMwareNSXChat
Srini: Detection of malware and advanced attacks on the network is a key first step in #ransomware defense. NSX Advanced Threat Prevention squarely addresses this requirement #VMwareNSXChat
Vivek: Automation plays a huge role as well – for example, customers can automatically take VM snapshots, or backup the data when a potential attack is identified, and recover from #ransomware attacks #VMwareNSXChat
Question 6: What is Tapless Network Detection and Response? #VMwareNSXChat
Varun: Learn more about our AAA rating for NDR here.
Vivek: Traditional Network Detection and Response (NDR) solutions require sensors to be installed in the network. All the visibility customers get from the NDR solution is based on the limited locations where these sensors are installed #VMwareNSXChat
Srini: With NSX integrated NDR, each Distributed Firewall (running within a hypervisor) acts as a sensor – and no additional sensors are needed in the network. (Thread 1/2) #VMwareNSXChat
Question 7: What malware detection capabilities are available with 3.2? #VMwareNSXChat
Srini: NSX Advanced Threat Analyzer (based on renowned Lastline technology) detects advanced malware engineered to defeat advanced or next-generation enterprise security tools, such as traditional sandboxes, firewalls and intrusion prevention #VMwareNSXChat
Srini: NSX Distributed and Gateway Firewalls now leverage Advanced Threat Analyzer to deliver protection from zero-day and known malware traversing the data center #VMwareNSXChat
Question 8: What’s new with NSX Intelligence in 3.2? #VMwareNSXChat
Srini: We’ve rearchitected NSX Intelligence in 3.2 to address much higher scale for hosts and flows. Large enterprises can now visualize their networks and create micro-segmentation policies using a single installation of NSX Intelligence️ #VMwareNSXChat
Srini: In addition, we’ve added Network Traffic Analysis (NTA) capabilities to identify anomalous behavior in the network #VMwareNSXChat
Question 9: What’s the upgrade effort to go from NSX-V to NSX-T 3.2? #VMwareNSXChat
Varun: Migration to NSX-T is greatly simplified with migration coordinator support for customer-defined NSX topologies, VIO, OSPF, guest introspection, and identity-based firewall config.
Varun: Or get expert help from VMware
Vivek: Assess your environment for migration. Learn more here
Question 10: What excites you the most about NSX-T 3.2? #VMwareNSXChat
Varun: It delivers the much needed network and operational simplification while further enhancing our security capabilities #VMwareNSXChat
Vivek: Early feedback from customers has been great. People are loving how the integrated advanced security that’s easy to operationalize will help accelerate their zero trust journeys for protecting their workloads across the multi-cloud environments. #VMwareNSXChat
Srini: With all the innovations we are delivering with NSX, security teams get better threat visibility for all traffic inside the network and thereby protect their critical assets. Who says micro-segmentation is only access control? #vmwarensxchat
Question 11: How is VMware making NSX easier to deploy and consume? #VMwareNSXChat
Varun: With the ability to deploy NSX using prescriptive steps within vCenter, enforce container policies and deploy NSX adv load balancer from a single console, NSX truly delivers a simplified operational paradigm for networking and security. #VMwareNSXChat
Srini: The “vCenter Plugin for NSX” introduced in 3.2 enables customers to manage firewall policies natively from the vCenter. This dramatically simplifies the customer experience for smaller customers #vmwarensxchat
Question 12: How does NSX-T solve the common networking and security challenges in #Kubernetes environments? #VMwareNSXChat
Varun: NSX-T provides enterprise-grade networking and security for K8s at pod and network fabric level. With3.2, Antrea NetSec policies for containers can be defined in NSX-T UI and applied to K8s clusters, providing a single console to manage both VMs and containers. #VMwareNSXChat
Varun: More details here
Question 13: If you had to describe NSX-T 3.2 as a gif, which would you choose and why? #VMwareNSXChat
Vivek: Incredible teamwork led to all the advanced capabilities added into NSX-T with this release. This will provide customers an upper hand in tilting the cyber security battle in their favor.
Varun: It’s a giant step towards a public cloud experience on-prem
Srini: Phenomenal security and simple. Can’t ask for more. Let’s go #vmwarensxchat
Follow us @VMwareNSX for more NSX news and updates. To learn more about our latest NSX-T releases, click here.