Build the Next-Generation Data Center
6 week online course starting in spring 2017

Microsegmentation in VMware NSX on Software Gone Wild

VM NIC firewalls have been around for years (they’re also the reason I got my first invitation to the awesome Troopers conference), but it sounds so much better when you call them Microsegmentation (not the one I talked about @ Troopers this year).

Marketing gimmicks aside, VMware NSX includes an interesting in-kernel stateful firewall, and Brad Hedlund was kind enough to explain the intricacies of that feature in Episode 27 of Software Gone Wild

5 comments:

  1. Excellent show, very informative. Brad's NSX knowledge and Ivan's question were a perfect mix. Very compelling and I have recommended the dist FW solution a couple of times, but I like the non use of overlay's as a segment solution for multi tier applications and the movment. Going through the ACI review now and their policy use of the VXLAN reserved bits gives one some "reservation". .

    Oh I Ivan. I like the "evil bit" comment. I have to remember that one.

    Good show fellas

    ReplyDelete
    Replies
    1. Thank you! BTW, here's the Evil Bit RFC: https://tools.ietf.org/html/rfc3514

      Delete
  2. If only things were black and white as the 1s and 0s of the "evil" bit :-)

    ReplyDelete
  3. Enjoyed the show. You guys talked about having the related services co-located on the same hosts and it was mentioned that *show notes* will be updated with the link. Is the link availble ?

    ReplyDelete
    Replies
    1. I know we mentioned a link and the need to include it, but I honestly can't remember what we were talking about. Is this what you were looking for or something else?

      http://www.vmware.com/files/pdf/products/nsx/VMware-NSX-Palo-Alto-Networks-WP.pdf

      Delete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.