NSX-T version 3.0 brings a new routing construct to the table: VRF Lite. With VRF Lite we are able to configure per tenant data plane isolation all the way up to the physical network. Creating dedicated tenant Tier-0 Gateways for this particular use case is now a thing of the past! With 100 VRFs per…
Some weeks ago I introduced you to my GitHub repository containing a set of Ansible playbooks helping people deploy a highly customizable vSphere 6.7/7.0 with NSX-T 2.5/3.0 nested lab environment. As I mentioned in the “launch” post, this project is a work in progress and during the last couple of weeks I’ve been spending many…
Read more Nested vSphere and NSX-T Deployed With Ansible – April Update
It’s finally here. NSX-T 3.0 adds support for Active Directory identity sources to be used with NSX-T role-based access control. This will make life a little easier for many customers. Previously, a separate VMware Identity Manager (vIDM) virtual appliance was required to be able to map Active Directory users and groups to NSX-T roles. Now…
Read more NSX-T 3.0 RBAC With Active Directory Identity Source
With VMware releasing new major versions of vSphere and NSX-T last week, it’s high season for nested lab deployments. My Norwegian Proact colleague Rudi Martinsen just published a great two part series on how to deploy a nested lab using vRealize Automation. My Dutch buddy at VMware Iwan Hoogendoorn is doing something very exciting with…
Read more Nested vSphere 7 And NSX-T 3.0 Deployed With Ansible
With the release of vSphere 7 comes the vSphere Distributed Switch 7.0. This latest version comes with support for NSX-T Distributed Port Groups. Now, for the first time ever it is possible to use a single vSphere Distributed Switch for both NSX-T 3.0 and vSphere 7 networking! First and foremost, this new integration enables a…
Welcome back! Today we continue our NSX-T Multisite adventure. Let’s begin with a short recap of what we did in part 1. We started off in an environment with a production site and a partially deployed disaster recovery site. Tasked with configuring the NSX-T 2.5.1 implementation for the new multisite environment, we took the following…
When it comes to creating a design for NSX-T Multisite, use case and geography are two key factors. Two common use cases for organizations to start looking at a multisite architecture are: Disaster Recovery – Protection against site failure. Availability – Workload pooling with active workloads at each site facilitating higher service availability. Site geography…
Integrating third party security services with NSX has always been a popular feature of the platform. While NSX comes with its own set of robust security services, there are scenarios where additional workload protection is required. The ability for a partner solution to leverage the rather unique layer in which the NSX platform operates with…
Read more NSX-T Guest Introspection With Trend Micro Deep Security
Recently somebody asked me if it was possible to see the current status for individual NSX-T load balancer server pool members. This information is indeed available in the NSX Manager simplified UI as you can see below: The same info can be found under Advanced Networking & Security: It’s nice that we can find this…
The next release of Terraform’s NSX-T provider will add support for the NSX-T policy API. I know many people (including myself) have been waiting for this so it’s kind of a big thing within that space. While the new NSX-T provider is not released yet (it’s still being tested), the source code is available on…
