NSX-T 3.0 goes GA

Major release of our full stack Layer 2 to Layer 7 networking platform that offers virtual networking, security, load balancing, visibility, and analytics in a single platform.

As a key component of Virtual Cloud Network, innovation at it best NSX-T 3.0 also introduces 

  • Global policy consistency
  • AWS and Azure gov cloud support
  • VMware NSX® Intelligence enhancements, 
  • Layer 3 EVPN, and powerful networking and security services for vSphere with Kubernetes

Cloud-scale Network Agility

Scaling up and managing a cloud environment – whether public or private.

NSX Federation – NSX Federation in NSX-T 3.0 helps deliver a cloud-like operating model by simplifying the consumption of networking and security constructs. It introduces the NSX Global Manager, a centralized console for managing the network as a single entity while keeping configuration and operational state synchronized across multiple locations.

Support for AWS GovCloud and Azure Government – NSX-T 3.0 extends support for public clouds with VMware NSX™ Cloud support for AWS GovCloud and Azure Government.

Enhanced Multi-tenancy with VRF Lite and Layer 3 BGP EVPN – VRF Lite greatly reduces the networking infrastructure footprint by introducing complete data plane tenant isolation with separate routing table, NAT, and firewall within each VRF on NSX Edge. NSX Edge also implements Layer3 EVPN to seamlessly connect telco VNFs to the overlay network.  The Edge implements standards based BGP control plane to advertise IP Prefixes, running eBGP sessions to the VNF and MP-BGP sessions with the PE/DCGW(s). 

Dynamic Network Service Chaining – NSX service insertion is further enhanced with support for dynamic service chaining for traffic from and to VMs, containers, and bare metal workloads.  The Edge Node dynamically classifies incoming network traffic and applies a set of network services to achieve app-aware security and monitoring.

Intrinsic Security:

NSX-T 3.0 is a step further towards our goal of extending the NSX intrinsic security approach from every workload to data center, multi-cloud, and edge. 

NSX Distributed IDS/IPS : NSX Distributed IDS/IPS is an advanced threat detection engine purpose-built to detect lateral threat movement on east-west traffic across multi-cloud environments.  It eliminates security blind-spots and helps meet compliance needs.

  • L7 Edge Firewall Enhancements – The Layer 7 Edge Firewall is further enhanced in NSX-T 3.0 with the implementation of URL Analysis for URL Classification and Reputation. The Edge Firewall detects access from outside the datacenter for granular detection and categorization of in-bound and outbound URLs.
  • DFW for Windows 2016 workloads – In addition to existing support for Linux, NSX-T 3.0 adds NSX Distributed Firewall (DFW) support for Windows 2016 based physical workloads. 
  • Time-based rules and Configuration wizard – Firewall rules can be enforced based on a pre-scheduled timeline defined by the administrator. NSX-T 3.0 also simplifies the implementation of VLAN backed micro-segmentation using a new configuration wizard. 

Full-stack Networking and Security for Modern Apps

Networking for vSphere with Kubernetes – NSX-T is designed-in from the ground up as the default pod networking solution for vSphere with Kubernetes.  NSX provides a rich set of networking capabilities for vSphere with Kubernetes, including distributed switching and routing, firewalling, load balancing, NAT, IPAM, and more.

  • Prescriptive networking for vSphere Namespace isolation – NSX-T 3.0 delivers a prescriptive network design to greatly simplify the implementation of vSphere Namespaces. It automatically implements the logical segments, distributed routing and firewalling, and IPAM services required for Namespace isolation in the vSphere Supervisor Cluster.  Any workloads created in a Namespace automatically inherit the security policy applied to that Namespace, allowing developers to self-service resources into that Namespace. 
  • Integration with Cluster API in VMware Tanzu Kubernetes Grid Service – NSX-T integrates with VMware Tanzu Kubernetes Grid Service to allow developers to deploy Tanzu Kubernetes Grid clusters.  NSX-T greatly simplifies the necessary networking infrastructure, including the creation of logical segments, Tier-1 Gateway, and load balancers, needed for Tanzu Kubernetes Grid clusters.

Major enhancement on Operational Simplicity and Automation 

Converged vSphere® Distributed Switch™ – With NSX-T 3.0, admins can now deploy NSX-T directly on VMware vSphere Distributed Switch 7.0. This greatly simplifies NSX-T deployment in vSphere environments with no changes required to the existing vSphere Distributed Switch and no VM traffic disruption.
Policy Enhancements with Terraform Provider & Ansible Module – NSX-T 3.0 extends the use of Terraform Provider and Ansible Modules, two of the most widely used automation tools for config generation and deployment, beyond NSX-T installation use cases with support for the NSX-T Policy API.

Want to try hands-on, get started with a Beginner or Advanced NSX Hands-On-Lab (HOL) 

VMworld 2018, What is different…!!

With VMworld 2018 around the corner, everyone out there wants to  have a productive event.I often get asked by customers, what sessions do you recommend.

The fact is , all of our customers are at different stages of their digital transformation and approach of single size fits all doesn’t work .

Who is driving this transformation , of-course “Business needs” are driving  the outcomes for all enterprises.

Businesses are looking towards  “Speed to Market” , forcing internal IT to bridge the gap and be service provider to business , similar to a Public Cloud Provider, the approach that drives internal IT to adopt “Software Defined Data Center” and a clear Multi-Cloud Strategy.

Enterprises  while competing with Startups are creating a culture of “Startups in the enterprise”, focusing on reducing the technical debt, application modernization,creating competitive advantage with “Software”.

As Highlighted by Forrester Research,  “every company is in the software business.”

In a world that is changing at breakneck speed, the ability to identify and respond to digital innovation opportunities more quickly than your competitors will determine if your company sinks or swims.

This new paradigm shift in the world meant a change not just for Operators but Developers. For Developers , that speed is driven by Appdev transformation , Monolith to Micro-services,Cloud Native Platforms, CaaS,FaaS (Serverless) leading to not just Multi-Cloud but Multi-Platform enterprise strategies.

Every enterprise is at different levels of transformation at realm of Multi-Cloud and Multi-Platform adoption.

Here is a look at their priorities over the next one to two years (Multi-Platform CF report June 2018) :

The adoption of containers and questions like “Will Containers take over VM’s” have already been answered ? They drive organizations on their cloud journey a way to test out cloud-native technologies, for example building in continuous delivery practices and refactoring applications. For example, companies using containers can orchestrate them with the much-discussed Kubernetes, which IT Decision Makers rank as the top orchestration tool, overtaking Docker Swarm for the first time  on container orchestration tools.

Let’s discuss where are containers in the eco-system of technology, from the same report

We can clearly see, broad deployments trending across containerization followed by CI/CD ,Cloud Native platforms and Serverless.

The crux is the fact that “Every Enterprise either has a Multi-Cloud and Multi-Platform Strategy” or is planning one.

Rolling the discussion back to the topic, I consider this VMworld to be a differentiated one. VMworld has mostly been focused around Multi-Cloud Strategy , IT Operators but the current one surely has great technology led discussions for Developers with huge presence of Pivotal and providing them what they need to just focus on their Developer Productivity with PAS and PKS.

Here is a quick draft of sessions which you will see huge value based on the above discussion for your enterprise .

– Kubernetes On Fire (One of the Favorites) :

How do we take our Kubernetes workloads to production? Pivotal Container Service, PKS (Managed Kubernetes)  is a popular option – come learn why! Pivotal’s Sr. Director of Technology, Cornelia Davis, showcases PKS customer stories and the security, isolation, and high availability of K8s clusters.

When: Sunday, August 26, 2:00 p.m. to 2:30 p.m. | #CNA1780QU

The ability to #DevLikeaStartup sounds nice, but executing the seamless capabilities associated with rapid CI/CD deployment is challenging in a worldwide enterprise with strong data gravity and compliance mandates.  If you ever are the one to lose sleep over how to maintain controls while providing developers the freedom to code and use Kubernetes, this session is for you. The question enterprises would want to know how can they leverage  existing VMware investments to implement PKS.

When: Wednesday, August 29, 1:50 p.m. to 2:10 p.m.

Real-World Stories from PKS Customers : 

Existing customers discuss their successes, their challenges, the unique company demands and hurdles they jumped through to reach their goals. For those of you serious about bringing Kubernetes containers to your IT environment, this panel session is a must-see.

When:  Monday, August 27, 2:00 p.m. – 3:00 p.m. | CNA1199PU

– Automate Everything, Cars, Trains, NSX and CNA :

As we saw above, automation is key to businesses to drive innovation.This session is to discuss automation of the platform using CI pipelines with Concourse to automate NSX, PKS and Pivotal Application Services.

– Wells Fargo Discusses Security with Pivotal Cloud Foundry :

Security being Key to success of our enterprises, Leaders from Wells Fargo will offer their story how they tackle compliance while managing the daily needs of a business with speed and agility.They will discuss how PCF enables them to fend off cyber attacks that threaten their business.

Time: Wednesday, August 29, 3:30 p.m. to 4:30 p.m. | #CNA1464BU

– Demos & Hands-on Labs with Pivotal :

How does PRA Pivotal Ready Architecture (Framework of best of breed technologies and best practices to deploy PAS and PKS) ,concrete plan for how Kubernetes, NSX-T, vSphere, PKS and Pivotal Ready Architecture fit into your IT strategy.

Overcome the challenges with a Scalable and repetitive architecture for the enterprise, providing IT Operators the speed what business needs.

Dive into product architecture and perform LIVE demos at the booth, and offer four 5-minute talks throughout the day where you can hear about customers who have installed PRA and PKS.

VMworld also offers Hands-on Labs (HOL) which allow you to get in the driver’s seat to build ,test and deploy.

NSX Container Networking for Pivotal Application Services 

NSX is Key to Multi-Cloud and Multi-Platform strategy for our customers ,this would provide great insight to container Networking.

Monday 27th Aug , Meet the Experts, Level 2 Foyer, Table , 3:15 – 4pm

Technical Deep Dive: Kubernetes Networking and Security with NSX-T on PKS

Value of NSX-T offering C2C networking ,LB’s,security framework for PKS

Tuesday 28th Aug , Breakers F, Level 2, 2-3pm 

– Architecting PKS for Production: Lessons Learned from PKS Deployments

This session is focused on lessons from the field , the speakers have been involved in drafting cookbooks for NSX-T and PKS based on their experiences with customers.Don’t miss it !

Tuesday 28th Aug , Mandalay Bay L, Level 2, 3:30 – 4:30pm

Operating and Managing Kubernetes on Day 2 w/ PKS

This session is the “know-hows”of our enterprise which lies in the success of managing Day-2 operations of the platform (Upgrades or should i say rolling upgrades, Patching).The speakers from the product management have vast experience of enterprise customer needs and what a successful platform would look like , encompassing  the current challenges of dev’s and operators.

Wednesday 29th Aug , Islander B, Lower Level, 8- 9am

– Enterprise Kubernetes: Balancing Developer Needs with Enterprise Controls

Pivotal’s Sr. Director of Technology, Cornelia Davis would discuss on  balancing developer needs keeping in view the enterprise controls,persona management with need to have a managed K8 platform.

Wednesday 29th Aug , Solutions Exchange Theater, Level 1, 1:50 – 2:10pm

– Run Stateful Apps on Kubernetes with PKS: Highlight WebLogic Server

Running Stateful apps is one of the best quantified use cases of PKS/K8 and how containers can move across with PV’s. This session would focus on this discussion.

Wednesday 29th Aug , Pwr Session Theater, VMTN Lounge,9:30 – 10am

– K8s Self-Service Deploy & Ops at Scale w/ PKS

This session will focus on ease of deployment and scale, as a K8 user or a non-user both you will find value in this session.

Wednesday 29th Aug , 12:30-1:30pm

Lastly, i see NSX becoming key to success of enterprises adopting Multi-Cloud and Multi-platform strategies , here is more on that.

Next-Generation Reference Design with NSX-T Data Center: Part 2

This would cover the ref architecture for data center design leading to deep dive use cases.

Wednesday 29th Aug , Mandalay Bay I, Level 2,11:30 – 12:30pm

– NSX Design for Cloud-native Apps with Pivotal Cloud Foundry

Niran is an expert on NSX with PAS,PKS, he would provide great insight on design criteria’s for CNA with NSX.

Wednesday 29th Aug , Islander C, Lower Level,2:30 – 3:30pm

 

This is a wrap, look forward to great VMworld 2018 with so much of content,meetings, roadmaps.

More to follow….feel free to add your Comments,feedback …!!