VMware Cloud on AWS provides a range of powerful security and networking capabilities. From enforcing granular security rules for traffic using NSX Advanced Firewall, to managing complex routes between your AWS environment and external resources via Transit Connect, there’s no shortage of tools available for supporting your business’s unique requirements when you leverage AWS as part of a VMware-based SDDC strategy.
To showcase some of the most powerful security and networking features of VMware Cloud on AWS, we’ve prepared a set of short videos where Ron Fuller, Senior Technical Product Manager at VMware, explains how the features work and how to get started using them. If you’re looking for a quick introduction to key security and networking concepts that impact VMware Cloud on AWS workloads, these videos are for you.
Keep reading for links to the videos, along with summaries of what you’ll learn from each one. We recommend watching the videos in order because Ron explains core Software-Defined Data Center (SDDC) concepts as he progresses through the videos, although viewers who are already familiar with SDDC may prefer to skip ahead.
Video 1: Introduction to Security Tools in VMware Cloud on AWS
In the first video, Ron walks through the key security tools available in VMware Cloud on AWS for defining and enforcing security rules at both the network perimeter and inside the SDDC.
The tools that Ron discusses include:
- The Management Gateway (MGW), which provides networking and security protection for the management components used to configure the rest of the SDDC.
- The Gateway Firewall (GFW), which supports access controls to define which traffic can enter and leave the SDDC.
- The Compute Gateway (CGW), which is used to define access for specific network segments that network administrators create.
- Distributed Firewall (DFW), for defining firewall policies at a per-guest level to achieve micro-segmentation and create zero-trust environments.
The video summarizes how each of these tools works, how they’re configured by default, and how you can customize them to support a variety of use cases involving workloads both within and outside VMware Cloud on AWS.
Video 2: Introduction to the NSX Advanced Firewall
The second video dives deep into NSX Advanced Firewall and how it enables next-level application defense and security for VMware Cloud on AWS.
The tools described in the first video address basic network security requirements. NSX Advanced Firewall, however, goes further by delivering additional features, such as:
- Intrusion detection and prevention.
- Layer 7 firewalling.
- Active Directory/LDAP integration for per-user firewall configuration.
Ron explains the benefits of each of these features and how to take advantage of them using NSX Advanced Firewall within the context of VMware Cloud on AWS.
Video 3: Introduction to VMware Transit Connect
In video 3, you’ll learn about VMware Transit Connect and how it simplifies the process of leveraging AWS Transit Gateway as part of a VMware Cloud on AWS environment.
As Ron explains, Transit Connect makes it easy for VMware customers to take advantage of AWS Transit Gateway to interconnect external resources (like on-prem data centers or co–located workloads) to an AWS-based environment without having to configure complex networking topologies by hand. Instead, they can manage everything through SDDC Groups.
Video 4: Understanding VMware Transit Connect routing tables
The fourth video dives deeper into Transit Connect functionality by discussing how routing works for interconnected resources.
Although you don’t need to manage complex routing tables to take advantage of Transit Connect, understanding how routing works can be useful for teams that want to separate network flows, as well as for troubleshooting purposes. Ron walks through the key concepts in order to explain how Transit Connect handles routing.
Hope you enjoyed the lightboard videos! Want to learn more on this topic? Please visit the official VMware documentation page.