2. Disclaimer
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these
features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or
sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not
been determined.
CONFIDENTIAL 2
3. Agenda
1 Intro to NSX
2 NSX Momentum
3 NSX Use Cases
4 What’s New in NSX 2014
5 NSX Operations
6 In closing
CONFIDENTIAL 3
4. Agenda
1 Intro to NSX
2 NSX Momentum
3 NSX Use Cases
4 What’s New in NSX 2014
5 NSX Operations
6 In closing
CONFIDENTIAL 4
5. The Anatomy of the Most Agile and
Efficient Data Centers is SDDC
5
Custom Application
Google / Facebook /
Amazon Data Centers
Custom Platform
Any x86
Any Storage
Any IP network
Software / Hardware Abstraction
Software / Hardware Abstraction
6. The Choice for “New IT” for “All Applications”
6
Software Defined
Data Center (SDDC)
Any Application
SDDC Platform
Any x86
Any Storage
Any IP network
With NSX
Custom Application
Google / Facebook /
Amazon Data Centers
Custom Platform
Any x86
Any Storage
Any IP network
Software / Hardware Abstraction
Software / Hardware Abstraction
7. Provides
A Faithful Reproduction of Network & Security Services in Software
Management
APIs, UI
Switching Routing
Firewalling
Load
Balancing
VPN
Connectivity to
Physical Networks
Policies,
Groups, Tags
Data Security Activity Monitoring
8. Enables
Dynamic creation of complex application topologies in minutes
Network and Security Virtualization with NSX
Hardware
Software
9. NSX Components
Cloud
Consumption
• Self Service Portal
• vCloud Automation Center, OpenStack,
Custom CMS
Data Plane
NSX Edge
ESXi Hypervisor Kernel Modules
Distributed Services
• High – Performance Data Plane
• Scale-out Distributed Forwarding Model
Management
Plane
NSX Manager
• Single configuration portal
• REST API entry-point
Control Plane
NSX Controller
• Manages Logical networks
• Control-Plane Protocol
• Separation of Control and Data Plane
FirewallDistributed
Logical Router
Logical
Switch
11. Agenda
1 Intro to NSX
2 NSX Momentum
3 NSX Use Cases
4 What’s New in NSX 2014
5 NSX Operations
6 In closing
CONFIDENTIAL 11
12. VMware NSX Training & Certification:
Making SDE Real in 2014
Career Path
Certifications & Training Programs
12
Training
Certified Network
Virtualization Professional
Certified Network
Virtualization Expert
Certification
NET
1214
13. NSX Training and Certification Portfolio
• Training Courses (www.vmware.com/go/NSXtraining)
– VMware NSX Install, Configure, Manage
– VMware NSX Fast Track for Internetworking Experts (coming)
– VMware NSX Design and Deploy (coming)
• Certifications (www.vmware.com/certification)
– VMware Certified Professional – Network Virtualization (VCP-NV)
– VMware Certified Implementation Expert – Network Virtualization (VCIX-NV)
– VMware Certified Design Expert – Network Virtualization (VCDX-NV)
CONFIDENTIAL 13
14. Designing with NSX
14
Reference Designs & Technical Papers on VMware Communities:
https://communities.vmware.com/docs
Reference Designs and Technical Papers on the NSX Portal:
http://www.vmware.com/products/nsx/resources.html
NSX
Design Guides
NSX Partner
Reference Design
NSX Partner
Whitepaper
NSX
Hardening Guide
SDDC
Validated Guides
NET
2318
NET
1589
15. New Service Categories and Partners
NSX Partner Extensions
Security ServicesPhysical-to-Virtual Services Operations and Visibility Application Delivery Services
NET
2225
16. New Service Categories and Partners – GA Q32014
NSX Partner Extensions
Security ServicesPhysical-to-Virtual Services Operations and Visibility Application Delivery Services
NET
2225
17. VMware NSX Momentum: Over 150 Customers
17
top investment banks enterprises & service providers
18. Agenda
1 Intro to NSX
2 NSX Momentum
3 NSX Use Cases
4 What’s New in NSX 2014
5 NSX Operations
6 In closing
CONFIDENTIAL 18
19. VMware NSX – Use Cases
Self-Service IT
Dev X
Dev A
Test X
Acquisition A
DevOps Cloud
On-boarding M&A
Application specific networking
Flexible IP Address Mgmt
Simplified consumption
Key Capabilities
Examples
Data Center
Automation
Micro-segmentation of App
Simplifying Compute Silos
DMZ Deployments
Programmatic Consumption
Full featured stack
Visibility and ops
Key Capabilities
Examples
Public Clouds
XaaS Clouds
Vertical Clouds
Multi-tenant Deployment
Programmatic L2, L3, Security
Overlapping IP Addressing
Any Hypervisor, Any CMP
Key Capabilities
Examples
22. Multi-Tier App, Multiple Networks Multi-Tier App, Single Flat
Network
APP
DATABASE
WEB
WEB APP
DATABASE
Today’s app, PAAS, Containers ---- I want it all NOW
23. NSX Integrates with Cloud Automation Systems to Deliver
Applications with Network and Security in Minutes
CONFIDENTIAL 23
Consumption
Any
MGMT
1969
NET
2379
24. Self Service IT journey
CONFIDENTIAL 24
End user drops apps in
pre-created instances
Provider
Cloud
Consumer
End user instantiates
dynamic topologies
Provider
Provider delivers
Pre-Created instances
Provider delivers
Templates for
Dynamic Instantiation
End user drives any
topology
Provider delivers
guard rails
25. VMware NSX –Use Cases
Self-Service IT
Dev X
Dev A
Test X
Acquisition A
DevOps Cloud
On-boarding M&A
Application specific networking
Flexible IP Address Mgmt
Simplified consumption
Key Capabilities
Examples
Data Center
Automation
Micro-segmentation of App
Simplifying Compute Silos
DMZ Deployments
Programmatic Consumption
Full featured stack
Visibility and ops
Key Capabilities
Examples
Public Clouds
XaaS Clouds
Vertical Clouds
Multi-tenant Deployment
Programmatic L2, L3, Security
Overlapping IP Addressing
Any Hypervisor, Any CMP
Key Capabilities
Examples
26. Problem: Data Center Network Security
Perimeter-centric network security has proven insufficient, and micro-segmentation is operationally infeasible
Little or no
lateral controls
inside perimeter
Internet Internet
Insufficient Operationally
Infeasible
SEC
1959-S
27. NSX: Enabling a Needed Control Point in the Datacenter
for Security
CONFIDENTIAL 27
An NSX platform is made up of distributed
elements embedded in each
hypervisor,
enabling each VM/app to
have its own security
policy
Security closest to the applications and aligned with application lifecycle.
SEC
1746
28. NSX is the platform for integrating
advanced security services.
Security Partner Integrations
CONFIDENTIAL 28
Partner Ecosystem
Next-generation IPS Malware Protection
Granular protection of individual VM workloads with
customizable policy definitions
Automation of advanced malware interception
Unified management for physical and virtual sensors
Data Center security with agentless anti-malware and
guest network threat protection
Real-time, dynamic threat protection and response
for workloads moving between hosts and virtual data
centers
Vulnerability Management
Automatic vulnerability risk assessment
Data Center wide real- time risk visibility
Auto segmentation of risky assets
Vulnerability prioritization for effective remediation
File and Malware Protection
Single virtual appliance provides agentless:
Anti-malware with URL filtering
Vulnerability and software scanning
Detection of file changes
Intrusion Detection & Prevention
Next-Generation Firewall
Multiple threat prevention disciplines including firewall, IPS,
and antimalware
Safe application enablement with continuous content
inspection for all threats
Granular user-based controls for apps, content, users,
SEC
1958
NET
2225
29. NSX Micro-Segmentation Journey
29
Deployed Applications on
Physical Networks
New Deployments/
Deployed applications
Apply NSX Security Full network and security
virtualization
35. NSX – The Network Virtualization Platform: What’s New
35
ConsumptionServicesDataPlaneOperations
Operations Guides
& Best Practices
Integration with Existing Tools
Riverbed, Gigamon, NetScout, EMC Smarts
Analytics
VMware vCenter Ops, Log Insight
Firewall Operations
Tufin, Algosec
New NSX Partners &
Service Categories
Physical-to-Virtual Services
Operations & Visibility
Application Delivery Services
Security Services
36. NSX – The Network Virtualization Platform: What’s New
36
ConsumptionServicesDataPlaneOperations
vCloud Automation Center
More topologies and on demand use cases
OpenStack Juno
Control plane scale & Docker integration
37. NSX – The Network Virtualization Platform: What’s New
37
Consumption
• VMware vCloud Automation Center
• OpenStack Juno
Services
• Distributed Firewall Operations
• LBaaS: UDP support
• DDI: DHCP relay
DataPlane
• Continue advancements of Open Virtual Switch
• NSX Edge: A-A with scale-out
• Physical device integration
Operations
Partner
Integration
• New NSX Partners & Service Categories
• Operations Guides & Best Practices
• Integrations with existing tools
• Analytics, Firewall Ops
• Multi-site and hybrid enablement
38. Agenda
1 Intro to NSX
2 NSX Momentum
3 NSX Use Cases
4 What’s New in NSX 2014
5 NSX Operations
6 In closing
CONFIDENTIAL 38
45. NSX with physical workloads
Physical Workloads
VXLAN VLAN
x86-based bridge
Highest density but requires specific hardware
Leverages x86 server
Physical Workloads
VXLAN VLAN
HW VTEP
46. NSX with physical workloads
Native NSX
support for
containers
Ecosystem with
OVSDB
x86 based
bridging
49. Agenda
1 Intro to NSX
2 NSX Momentum
3 NSX Use Cases
4 What’s New in NSX 2014
5 NSX Operations
6 In closing
CONFIDENTIAL 49
50. NSX – The Network Virtualization Platform
50
Consumption
How an end user consumes NSX services via a Cloud Management Platform.
The operator interacts with the system through UI or API.
Services
NSX logical services and 3rd party extensions for networking and security (ex. Logical switch , Logical
router, Firewall, Load Balancer, VPN, DDI)
DataPlane
Provides workload connectivity & services processing
(ex. hypervisors, physical switches and appliances)
Operations
Partner
Integration
NSX operator uses tools (built-in and 3rd party) for
troubleshooting, visibility
Management, Control & Data plane integration
of 3rd party services
DataPlane
XenServerNSX Edge Hyper-VvSphere KVM3rd Party GW
ServicesServices
L2 Switch Firewall Load BalancerL3 Router VPN DDI
Operations
Partner
Integration
Software partner extensions
Hardware partner extensions
Partner extensions
vCOPs
Consumption
Any
51. SDDC Approach with NSX Enables Choice and Flexibility
2-Tier / 3-Tier Leaf / Spine
Build
Your
Own
Converged
Systems
Hyper-
Converged
Systems
Today’s
Application
PAAS Containers . . .
. . .
< Any Network >
< Any Infrastructure >
< Any Application >
54. Business Solution
• NET1214 NSX Certification – the Next Step in your Networking Career
• NET1745 The Case for Network Virtualization: Customer Case Study
• NET1786 The Business Case for Network Virtualization
• NET2293 Bridging Enterprise Networks to Hybrid Cloud Using NSX
Hands-on Labs
CONFIDENTIAL 54
• SDC-1402 vSphere Distributed Switch from A to Z
• SDC-1403 Introduction to VMware NSX
• SDC-1420 OpenStack with VMware vSphere and NSX
• SDC-1423 vCloud Suite Basic Networking
• SDC-1424 VMware NSX and SDDC
• SDC-1425 VMware NSX Advanced
55. Technical Track - Networking
CONFIDENTIAL 55
• NET1846 Introduction to NSX
• NET1743 VMware NSX – A Technical Deep Dive
• NET1957 NFV for Telco Infrastructure
• NET1468 A Tale of Two Perspectives: IT Operations with VMware NSX
• NET1586 Advanced Network Services with NSX
• NET1560 The NSX Guide to Horizon View
• NET1883 NSX Performance Overview
• NET1588 Load Balancer as a Service, using NSX or Partner Solutions
• NET1401 vSphere Distributed Switch Best Practices for NSX
• NET2318 Scale-Out NSX Deployments: With VMware-powered SDDC
• NET1581 Reference Design for SDDC with NSX for Multi-Hypervisors
• NET2379 Dynamically Configuring Application Specific Network Services for vCAC &NSX
• NET2225 NSX Platform: Enabling 3rd Party Network & Security Solutions
56. Advanced Technical Track - Networking
CONFIDENTIAL 56
• NET1949 VMware NSX for Docker, Containers & More
• NET1589 Reference Design for SDDC with NSX & vSphere
• NET1583 NSX for vSphere Logical Routing Deep Dive
• NET1974 Multi-Site Data Center Solutions with VMware NSX
• NET1674 Advanced Topics & Future Directions in Network Virtualization with NSX
• NET1966 Operational Best Practices for VMware NSX
• NET1592 Under the Hood: Network Virtualization with OpenStack Neutron & VMware NSX
Group Discussions - Networking
• NET3441-GD vSphere Distributed Switch
• NET3442-GD vCAC and NSX
• NET3443-GD NSX Routing Design Best Practices
• NET3445-GD NSX Multi Site Deployments
• NET3444-GD NSX Network Services
57. Technical Track - Security
CONFIDENTIAL 57
• SEC1196 Who Can You Trust? Strategies & Designs for Implementing Zero-Trust Model Leveraging NSX
• SEC2238 Security & Micro-Segmentation for the SDDC
• SEC1959-S The “Goldilocks Zone” for Security
• SEC1958 Automating Security Policy Enforcement with VMware NSX
• SEC1698 Optimize Security with Context & Isolation using NSX Guest Introspection
• SEC2567 Unleashing Collaborative Security with VMware NSX – Advanced Defense for Advanced Threats
Advanced Technical Track - Security
• SEC2421 VMware NSX Security Operations Best Practices
• SEC1746 NSX Distributed Firewall Deep Dive
Group Discussions - Security
• SEC3446-GD Security & Micro-segmentation
• SEC3449-GD Security Policy Automation using NSX Service Composer
• SEC3448-GD NSX Platform Extensibility
• SEC3447-GD Compliance Reference Architecture
58. Technical Track – Management
CONFIDENTIAL 58
• MGT1833 How to Perform Troubleshooting and Root Cause Analysis Using Log Insight
• MGT1878 Deep Dive into How vCenter Operations Simplifies NSX Operations
• MGT1969 vCloud Automation Center and NSX Integration Technical Deep Dive
59. Fill out a survey
Every completed survey is entered into a
drawing for a $25 VMware company store
gift certificate