With NSX-T 2.5 comes NSX Intelligence 1.0. This component, which is part of NSX Data Center Enterprise Plus, is something I’ve been looking forward to since it was announced.
NSX Intelligence adds a powerful analytics engine to the NSX-T platform. It provides workload and network context that is unique to NSX. Application owners and operations people can use the NSX Intelligence interface for configuration and monitoring.
Besides the NSX Intelligence data platform itself, this 1.0 release provides visualization and security rule and grouping recommendations.
Cool stuff. Let’s have a look at how to get it up and running.
The preparation and installation steps are explained in detail in the official installation documentation. I strongly recommend you follow these guides when installing NSX Intelligence. Some things to point out:
- NSX Intelligence 1.0 requires NSX-T version 2.5. The first thing I had to do was upgrade my NSX-T lab to version 2.5. In a production environment the 2.5 upgrade requires its own planning and preparations of course
- The NSX Intelligence installation comes as a tar-file. Its contents need to be extracted and placed on a web server somewhere that can be accessed by your NSX Manager cluster.
- The NSX Intelligence appliance must be deployed on ESXi managed by vCenter.
Once the environment is prepared we can start the NSX Intelligence installation.
In NSX Manager navigate to Plan & Troubleshoot > Discover & Take Action:
Click on Go to system, scroll down on the Appliances page and click Add NSX Intelligence Appliance. This starts the appliance deployment wizard:
Enter the URL to the OVF file and the appliance network configuration:
I’m deploying the small NSX Intelligence appliance which is suitable for labs or PoCs. For a production environment you would select the large form factor.
In the next step we configure the vSphere details for the virtual appliance:
Configure the appliance credentials at the third and final step:
Click on Install Appliance to start the deployment:
Deployment took about 5 minutes to complete in my lab environment.
Although it’s a separate virtual appliance, the NSX Intelligence UI seamlessly integrates with the NSX Manager UI. It can be found under Plan & Troubleshoot > Discover & Take Action.
The two objects we can work with here are virtual machines and groups:
We can choose to display only certain VMs/groups or all:
And apply a filter based on tags, flows, and rules:
After powering on two Windows VMs it took about 20 seconds before NSX Intelligence engine started to draw the communication paths of these VMs. Impressive!
In full screen mode you can switch to dark mode. Much appreciated.
To get actual firewall rule recommendations you need to start a new recommendation process:
After clicking the Start Recommendation button you can configure some parameters. Time range being the most important:
Click on Start Discovery to kick off the recommendation process. This process can be monitored under Recommendations:
Once done analyzing the recommended rules, groups, and services can be reviewed and modified:
At step 2 we choose placement for the new recommendation based security policy:
Clicking on Publish will create the objects and enforce the security policy:
The recommended rules are in place:
Installing NSX Intelligence is a straight forward process (apart from its web based OVF installation requiring a web server).
We took the NSX Intelligence engine for a really quick test drive and deployed some recommended firewall rules including service and group objects minutes after deployment (a longer period for analyzing is strongly recommended).
Even as version “1.0” NSX Intelligence is going to make micro segmentation very much easier and very much faster. It’s a big step towards self-driving micro segmentation operations. No to mention the slick visualization and visibility it gives us for our VMs communication paths.