Microsegmentation in VMware NSX on Software Gone Wild

VM NIC firewalls have been around for years (they’re also the reason I got my first invitation to the awesome Troopers conference), but it sounds so much better when you call them Microsegmentation (not the one I talked about @ Troopers this year).

Marketing gimmicks aside, VMware NSX includes an interesting in-kernel stateful firewall, and Brad Hedlund was kind enough to explain the intricacies of that feature in Episode 27 of Software Gone Wild

Listen to the podcast

Recent posts in the same categories

5 comments:

  1. jsicuran 27 March 2015 16:56
    Excellent show, very informative. Brad's NSX knowledge and Ivan's question were a perfect mix. Very compelling and I have recommended the dist FW solution a couple of times, but I like the non use of overlay's as a segment solution for multi tier applications and the movment. Going through the ACI review now and their policy use of the VXLAN reserved bits gives one some "reservation". .

    Oh I Ivan. I like the "evil bit" comment. I have to remember that one.

    Good show fellas
    Replies
    1. Ivan Pepelnjak 27 March 2015 17:18
      Thank you! BTW, here's the Evil Bit RFC: https://tools.ietf.org/html/rfc3514
  2. Unknown 27 March 2015 20:17
    If only things were black and white as the 1s and 0s of the "evil" bit :-)
  3. Anonymous 14 April 2015 05:30
    Enjoyed the show. You guys talked about having the related services co-located on the same hosts and it was mentioned that *show notes* will be updated with the link. Is the link availble ?
    Replies
    1. Ivan Pepelnjak 15 April 2015 08:12
      I know we mentioned a link and the need to include it, but I honestly can't remember what we were talking about. Is this what you were looking for or something else?

      http://www.vmware.com/files/pdf/products/nsx/VMware-NSX-Palo-Alto-Networks-WP.pdf
Add comment
Home
Sidebar