Network Security, Security Architecture

#VMwareNSXChat recap: NSX-T 3.2

In our most recent Twitter chat, we were joined by Vivek Bhandari, Varun Santosh, and Srini Nimmagadda to answer common questions about NSX-T 3.2, its benefits, how it works, and more. Dive in below for the full recap of our NSX-T 3.2 #VMwareNSXChat.

Question 1: If you had to describe NSX-T 3.2 to a friend using just one sentence (or using just 280 characters) what would you say? #VMwareNSXChat

Varun: Stronger security, simplified networking, easy operations – what’s not to like #VMwareNSXchat!

Vivek: It’s like going from a flip phone to a touch screen smartphone. Gamechanger! #VMwareNSXChat

Question 2What are the key Networking and Policy enhancements? #VMwareNSXChat

Varun: NSX-T 3.2 simplifies network provisioning thru prescriptive NSX deployment from vCenter, deeper integration with Antrea, Federation support for VM tag replication, enhanced migration coordinator, and enhanced monitoring and troubleshooting. #VMwareNSXChat

Question 3What are the key security enhancements? #VMwareNSXChat

Vivek: NSX-T 3.2 is a quantum leap forward bringing advanced security in a distributed architecture. It now includes network traffic analysis (NTA) and network detection and response (NDR), malware prevention with sandboxing, L7 gateway firewall, and more. #VMwareNSXChat

Vivek: Of particular interest to VMware customers is the distributed firewall support for VDS workloads, and the new vCenter plugin to easily deploy and manage advanced network security for vSphere environments. #VMwareNSXChat

Srini: Enhancements to User Identity based access controls and L7 Application Identity based access controls are quite valuable to the customers as well #vmwarensxchat

Question 4What are the benefits of those enhancements? #VMwareNSXChat

Vivek: Operational simplicity with the tapless NTA and integrated NDR capabilities! No need for network changes, no need to do network tapping! Abilityto activate advanced security across all east-west traffic at cloud scale is what this architecture delivers! #VMwareNSXChat

Vivek: Distributed firewalling support for VDS and the vCenter plugin for NSX dramatically simplifies the customer experience #VMwareNSXChat

Srini: While micro-segmentation is amazing at reducing the attack surface compared to perimeter-only defenses, modern enterprises need to understand which attacks are propagating within the network at any given point of time #VMwareNSXChat

Srini: NSX now delivers advanced threat detection and prevention capabilities, along with NDR in order to help security teams get full visibility on the attacks within the network #VMwareNSXChat

Srini: Here are the list of enhancements we’re referring to

Question 5How does NSX-T 3.2 help defend against #ransomware attacks? #VMwareNSXChat

Srini: Detection of malware and advanced attacks on the network is a key first step in #ransomware defense. NSX Advanced Threat Prevention squarely addresses this requirement #VMwareNSXChat

Vivek: Automation plays a huge role as well – for example, customers can automatically take VM snapshots, or backup the data when a potential attack is identified, and recover from #ransomware attacks #VMwareNSXChat

Question 6What is Tapless Network Detection and Response? #VMwareNSXChat

Varun: Learn more about our AAA rating for NDR here.

Vivek: Traditional Network Detection and Response (NDR) solutions require sensors to be installed in the network. All the visibility customers get from the NDR solution is based on the limited locations where these sensors are installed #VMwareNSXChat

Srini: With NSX integrated NDR, each Distributed Firewall (running within a hypervisor) acts as a sensor – and no additional sensors are needed in the network. (Thread 1/2) #VMwareNSXChat

Question 7What malware detection capabilities are available with 3.2? #VMwareNSXChat

Srini: NSX Advanced Threat Analyzer (based on renowned Lastline technology) detects advanced malware engineered to defeat advanced or next-generation enterprise security tools, such as traditional sandboxes, firewalls and intrusion prevention #VMwareNSXChat

Srini: NSX Distributed and Gateway Firewalls now leverage Advanced Threat Analyzer to deliver protection from zero-day and known malware traversing the data center #VMwareNSXChat

Question 8What’s new with NSX Intelligence in 3.2? #VMwareNSXChat

Srini: We’ve rearchitected NSX Intelligence in 3.2 to address much higher scale for hosts and flows. Large enterprises can now visualize their networks and create micro-segmentation policies using a single installation of NSX Intelligence️ #VMwareNSXChat

Srini: In addition, we’ve added Network Traffic Analysis (NTA) capabilities to identify anomalous behavior in the network #VMwareNSXChat

Question 9: What’s the upgrade effort to go from NSX-V to NSX-T 3.2? #VMwareNSXChat

Varun: Migration to NSX-T is greatly simplified with migration coordinator support for customer-defined NSX topologies, VIO, OSPF, guest introspection, and identity-based firewall config.

Varun: Or get expert help from VMware

Vivek: Assess your environment for migration. Learn more here

Question 10: What excites you the most about NSX-T 3.2? #VMwareNSXChat

Varun: It delivers the much needed network and operational simplification while further enhancing our security capabilities #VMwareNSXChat

Vivek: Early feedback from customers has been great. People are loving how the integrated advanced security that’s easy to operationalize will help accelerate their zero trust journeys for protecting their workloads across the multi-cloud environments. #VMwareNSXChat

Srini: With all the innovations we are delivering with NSX, security teams get better threat visibility for all traffic inside the network and thereby protect their critical assets. Who says micro-segmentation is only access control? #vmwarensxchat

Question 11How is VMware making NSX easier to deploy and consume? #VMwareNSXChat

Varun: With the ability to deploy NSX using prescriptive steps within vCenter, enforce container policies and deploy NSX adv load balancer from a single console, NSX truly delivers a simplified operational paradigm for networking and security. #VMwareNSXChat

Srini: The “vCenter Plugin for NSX” introduced in 3.2 enables customers to manage firewall policies natively from the vCenter. This dramatically simplifies the customer experience for smaller customers #vmwarensxchat

Question 12How does NSX-T solve the common networking and security challenges in #Kubernetes environments? #VMwareNSXChat

Varun: NSX-T provides enterprise-grade networking and security for K8s at pod and network fabric level. With3.2, Antrea NetSec policies for containers can be defined in NSX-T UI and applied to K8s clusters, providing a single console to manage both VMs and containers. #VMwareNSXChat

Varun: More details here

Question 13If you had to describe NSX-T 3.2 as a gif, which would you choose and why? #VMwareNSXChat

Vivek: Incredible teamwork led to all the advanced capabilities added into NSX-T with this release. This will provide customers an upper hand in tilting the cyber security battle in their favor.

By Lauren Klass

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.