The Year of Living Operationally with VMware NSX
After connecting with our customers about their network architectures and infrastructures, we are being asked more and more about VMware NSX. If you are not familiar with NSX, it decouples the physical network from the virtual, reproduces all networking and security services completely in software and provides the equivalent of a hypervisor for the network. NSX networks can be programmatically managed and spun up on demand. This allows network and security services to be provisioned at the same time that compute services are provisioned, enabling fast application deployment. In fact, we will be showcasing this and much more around our joint capabilities at VMworld 2015, so be sure to stop by the Riverbed booth #2411 to learn more!
In its Q2 2015 quarterly earnings announcement, VMware said that it has 700 paying NSX customers (up from about 150 a year ago). That probably explains why we have been hearing constant NSX chatter these days – and the questions I am getting are less often “What is NSX?” and have become, “We are moving forward with NSX in production environments, can Riverbed help us operationalize that?”
The answer to that question is most definitely, yes!
For organizations with cloud scale environments that require applications and workloads to dynamically traverse the network, NSX overlay networks should prove to be very beneficial. Organizations need to understand that the more virtualized and abstracted the environment is, the more important it is to have visibility.
Riverbed and VMware have partnered to ensure that as the new NSX technology is rolled out, operations teams have full application-aware visibility into NSX overlay networks. This proactive visibility allows organizations to get ahead of the curve and retain full control and visibility, even in a highly virtualized data center.
Seeing the NSX traffic
Riverbed and VMware worked together to jointly develop the NSX-aware IPFIX format, which provides performance information about virtual overlay network traffic and associated UDP-encapsulated traffic. This efforts extends the performance management capabilities of SteelCentral solutions for monitoring the virtual switch/VDS within vSphere to monitoring virtual data centers and their associated overlay networks.
Virtual network traffic is carried over NSX using UDP-encapsulated tunnels. The NSX platform provides IPFIX information provides internal flow and external tunnel information. Seeing both in context can keep you from being blindsided by changes in your monitored network.
For over three years, Riverbed has had the capability to see both the physical and virtual traffic details - like applications, hosts, conversations, and virtual tunnel end points – associated with your VMware NSX virtualized environments. Many other vendors are just starting to talk about their capabilities.
Riverbed will be at VMworld 2015 in San Francisco starting August 30. Come visit us in booth #2411 to talk to our SteelCentral experts and to see a live demonstration of SteelCentral visibility for NSX. Additionally, you can check out our video demonstration here.
Figure 1: SteelCentral NetProfiler leverages the NSX-aware version of IPFIX to provide visibility into NSX traffic. This screenshot show the virtual tunnel end points (VTEPs) involved in this virtual network and relative amounts of traffic flowing between them. Each link is clickable so you can drill down for additional detail.