Network & Security – Page 2

VMware NSX Application Platform Deployment

This post is intended for administrators who must deploy or manage the NSX Application Platform and activate the NSX applications that are hosted on the platform. This post will cover the deployment and activation starting from the NSX-T UI and it assumes the needed Kubernetes platform has already been prepared (Controller and Worker Nodes already created toContinue reading “VMware NSX Application Platform Deployment”

VMware NSX-T Data Center 3.2.0.x

VMware NSX-T Data Center 3.2.0 | 16 December 2021 | Build 19067070 ***VMware removed 3.2.0 around a week or two after the release and recommend users upgrade to 3.2.0.1 instead*** What’s New NSX-T Data Center 3.2.0 is a major release offering many new features in all the verticals of NSX-T: networking, security, services and onboarding. HereContinue reading “VMware NSX-T Data Center 3.2.0.x”

VMware NSX Security

It has been a while since I last posted something here and so many new features have been added to VMware NSX since the 3.2 release in December 2021. With a major focus on Security in this release I thought it would make sense to create a few blog posts which would help others gettingContinue reading “VMware NSX Security”

NSX-T Time-Based Firewall Policy

VMware NSX-T Distributed Firewall (DFW) offers L2 to L7 stateful firewall capabilities, in my previous blog I covered the capability to create policies matching FQDN/URLs. This blog will further expand on the NSX-T DFW capabilities and focus on time-based firewall policies. With time-Based firewall policies, security administrators can restrict traffic from a source to aContinue reading “NSX-T Time-Based Firewall Policy”

NSX-T Filtering Specific Domains (FQDN/URLs)

VMware NSX-T Distributed Firewall (DFW) offers L2 to L7 stateful firewall capabilities. Most NSX-T operators are fairly comfortable creating L4 policies in the quest to achieve the “zero-trust” model. In this blog I wanted to take this one step further and explore the capabilities of using the DFW to enforce policy matching L7 FQDN/URLs. IContinue reading “NSX-T Filtering Specific Domains (FQDN/URLs)”

NSX-T 3.1 – Deploying Distributed IDS/IPS

In NSX-T 3.0 VMware introduce distributed IDS and now in NSX-T 3.1 this has been expanded to include distributed IPS. In this blog I will highlight the steps to enabled and configured distributed IDS/IPS and end with a demonstration. Overview Distributed Intrusion Detection and Prevention Service (IDS/IPS) monitors network traffic on the host for suspiciousContinue reading “NSX-T 3.1 – Deploying Distributed IDS/IPS”

NSX-T 3.1 – Configuring DHCP Server

As I build out various demonstrations in my lab I wanted to reduce the amount of static IP allocations on my demo work loads so that I can move them between network segments for different demonstrations and with this enabling a DHCP Server in my NSX-T deployment makes sense. So in this post I willContinue reading “NSX-T 3.1 – Configuring DHCP Server”

Product Offerings for VMware NSX Security 3.1.x

New VMware NSX Security editions became available to order on October 29th, 2020. The tiers of NSX Security licenses are as follows: NSX Firewall for Baremetal Hosts: For organizations needing an agent-based network segmentation solution. NSX Firewall Edition: For organizations needing network security and network segmentation. NSX Firewall with Advanced Threat Prevention Edition: For organizationsContinue reading “Product Offerings for VMware NSX Security 3.1.x”

Configuring NSX-T VRF Lite Networking

VMware introduced VRF capabilities in NSX-T 3.0, this post will guide you how through the steps to configure and enabled VRF capabilities. A virtual routing and forwarding (VRF) gateway makes it possible for multiple instances of a routing table to exist within the same gateway at the same time. VRFs are the layer 3 equivalentContinue reading “Configuring NSX-T VRF Lite Networking”

Deploying NSX-T Data Center Federation with 3.1.0

VMware recently announced the general availability of NSX-T 3.1.0 bringing a host of new features and functionality. One of the key features which is now production ready is the Multi-Site solution, Federation. Support for standby Global Manager Cluster Global Manager can now have an active cluster and a standby cluster in another location. Latency betweenContinue reading “Deploying NSX-T Data Center Federation with 3.1.0”