Tag Archives: Security Groups

Automating Security Group and Policy Creation with NSX REST API and Python

Posted on April 2, 2016 by Humair

My latest post on the VMware NSX Network Virtualization Blog, Automating Security Group and Policy Creation with NSX REST API, describes using NSX REST API with some code for a simple yet realistic use case focused around security where automation … Continue reading →

VMware NSX Online Fundamentals – Multi-Site/Disaster Recovery

Posted on March 19, 2016 by Humair

Check-out this overview and walk-through presentation I recently did on Cross-VC NSX functionality introduced in NSX 6.2. Deployment models, Multi-Site, and Disaster Recovery solutions are also discussed. To view the video, you must first register. You will then have access … Continue reading →

Posted in Network Architecture, Network Security, Networking, Security, Technology, Virtualization and Cloud Computing, VMware, VMware, VMware | Tagged 8 NSX Managers, ARP snooping, Central CLI, CLI monitoring, communication channel health monitoring, Cross-VC NSX, Cross-VC NSX failover, Cross-VC NSX failover scenarios, Cross-VC NSX object, Cross-VC NSX objects, Cross-VC NSX recovery, Cross-VC NSX recovery scenarios, Cross-vCenter, Cross-vCenter Networking and Security, DFW, DHCP snooping, Disaster Recovery, distributed firewall, DSX logical router, eight NSX Managers, global, host locale ID, ip address, IP Set, local egress, locale ID, logical router, logical switch, MAC address, MAC Set, multi-site, multi-site deployment, multi-vcenter NSX, Network Virtualization, north-south, North-South traffic, NSX, NSX 6.2, NSX 6.2 new feature, NSX Controller Cluster, NSX Controllers, NSX DFW, NSX Disaster Recovery, NSX Distributed Firewall, NSX DLR, NSX failover scenarioes, nsx logical router, NSX logical switch, NSX LS, NSX Manager, NSX multi-site, NSX multi-site deployment, NSX multi-site failover scenarios, NSX multi-site recovery scenarios, NSX network virtualization, NSX recovery scenarios, NSX Security Groups, NSX Site Recovery Manager, NSX SRM, NSX UDLR, NSX Universal Controller Cluster, NSX Universal Controllers, NSX Universal DFW, NSX Universal DFW Rules, NSX Universal Distributed Firewall, NSX Universal Distributed Logical Router, NSX Universal Logical Switch, NSX Universal LS, NSX Universal Rules, NSX Universal Synchronization Service, NSX Universal Transport Zone, NSX UTZ, NSX with multiple vCenters, primary NSX Manager, secondary NSX Manager, security, Security Groups, Site Recovery Manager, SRM, trace flow, UDLR, universal, Universal Control VM, Universal Controller Cluster, Universal DFW, Universal DFW rules, Universal Distributed Firewall, Universal distributed firewall rules, Universal Distributed Logical Router, Universal DLR, Universal Logical Switch, Universal LS, Universal rules, Universal Synchronization Service, Universal Transport Zone, UTZ, vCenter, VMware network virtualization, VMware NSX 6.2, VMware NSX Manager, VMware Site Recovery Manager, VMware SRM, VMware vCenter, VSS | 2 Comments

VMware NSX 6.2 Adds Cross-vCenter Networking and Security

Posted on September 5, 2015 by Humair

Ahead of this year’s VMworld which was just this past week (08/30 – 09/03), VMware recently released NSX 6.2 with many new and exciting features. You can see a list of new features listed in the NSX 6.2 online release … Continue reading →

Posted in Network Architecture, Networking, Technology, Virtualization and Cloud Computing, VMware, VMware | Tagged 8 NSX Managers, ARP snooping, Central CLI, CLI monitoring, communication channel health monitoring, Cross-VC NSX, Cross-VC NSX object, Cross-VC NSX objects, Cross-vCenter, Cross-vCenter Networking and Security, DFW, DHCP snooping, distributed firewall, DSX logical router, eight NSX Managers, global, host locale ID, ip address, IP Set, local egress, locale ID, logical router, logical switch, MAC address, MAC Set, multi-site deployment, multi-vcenter NSX, Network Virtualization, north-south, North-South traffic, NSX, NSX 6.2, NSX 6.2 new feature, NSX Controller Cluster, NSX Controllers, NSX DFW, NSX Distributed Firewall, NSX DLR, nsx logical router, NSX logical switch, NSX LS, NSX Manager, NSX multi-site deployment, NSX network virtualization, NSX Security Groups, NSX UDLR, NSX Universal Controller Cluster, NSX Universal Controllers, NSX Universal DFW, NSX Universal DFW Rules, NSX Universal Distributed Firewall, NSX Universal Distributed Logical Router, NSX Universal Logical Switch, NSX Universal LS, NSX Universal Rules, NSX Universal Synchronization Service, NSX Universal Transport Zone, NSX UTZ, NSX with multiple vCenters, primary NSX Manager, secondary NSX Manager, security, Security Groups, trace flow, UDLR, universal, Universal Controller Cluster, Universal DFW, Universal DFW rules, Universal Distributed Firewall, Universal distributed firewall rules, Universal Distributed Logical Router, Universal DLR, Universal Logical Switch, Universal LS, Universal rules, Universal Synchronization Service, Universal Transport Zone, UTZ, vCenter, VMware network virtualization, VMware NSX 6.2, VMware NSX Manager, VMware vCenter, VSS | 1 Comment

VMware NSX Service Composer: Advanced Security & Micro-segmentation

Posted on March 16, 2015 by Humair

In a prior blog, Firewalling & Micro-segmentation with VMware NSX, I discussed some of the basics of firewalls and micro-segmentation with VMware NSX. In this blog, I’ll introduce how security groups via NSX Service Composer can be used with VMware … Continue reading →

Posted in Dell, Dell EqualLogic, Dell Force10, Dell PowerEdge Blade Servers, Dell PowerEdge Rack Servers, iSCSI, Labs, Network Architecture, Network Security, Networking, Security, Servers, Storage, Technology, Virtualization and Cloud Computing, VMware, VMware | Tagged advanced security, advanced security policies, container, converged network, DCB, Dell, Dell DCB iSCSI, Dell end-to-end converged infrastructure, Dell iSCSI, Dell MXL, Dell S4810, Dell S6000, Dell VMware NSX, Dell VMware NSX Architecture, Dell VMware NSX design, Dell VMware NSX Guide, Dell VMware NSX RA, Dell-VMware NSX Reference Architecture, dynamic membership, end-to-end converged infrastructure, ESXi, firewall, firewall rules, iSCSI, iSCSI converged network, logical switch, micro-segmentation, Micro-segmentation with VMware NSX, microsegmentation, microsegmentation with VMware NSX, MXL, NSX, NSX advanced security policies, NSX Distributed Firewall, NSX firewall, NSX firewall rules, NSX logical switch, NSX partners, NSX security group container, NSX Security Group dynamic membership, NSX Security Groups, NSX security policy, NSX service chaining, NSX Service Composer, NSX Service Composer advanced security policies, NSX Service Composer Canvas View, NSX Service Composer container, NSX Service Composer Security Group, NSX Service Composer security policy, NSX-V, Palo Alto, Palo Alto Networks, Palo Alto Panorama, Palo Alto's Panorama, Panorama, S4810, S6000, security, security group container, Security Group dynamic membership, Security Groups, security policy, service chaining, Service Composer, Service Composer advanced security policies, Service Composer Canvas View, Service Composer container, Service Composer Security Group, Service Composer security policy, symantec, virtual machines, vms, VMware achitecture, VMware design, VMware ESXi, VMware logical switch, VMware NSX, VMware NSX advanced security policies, VMware NSX architecture, VMware NSX design, VMware NSX Distributed Firewall, VMware NSX firewall rules, VMware NSX logical switch, VMware NSX partners, VMware NSX security group container, VMware NSX Security Group dynamic membership, VMware NSX Security Groups, VMware NSX security policy, VMware NSX service chaining, VMware NSX Service Composer, VMware NSX Service Composer advanced security policies, VMware NSX Service Composer Canvas View, VMware NSX Service Composer container, VMware NSX Service Composer Security Group, VMware NSX Service Composer security policy, VMware NSX-V, VMware NSX-v design, VMware NSX-vSphere design, VMware Security Groups, VMware Service Composer, VMware virtual machine, VMware VM, VMware vSphere, vSphere | Leave a comment

Firewalling & Micro-segmentation with VMware NSX

Posted on December 8, 2014 by Humair

One very exciting and strong use case for VMware NSX is advanced security. VMware NSX has some inherent security features and also allows for 3rd party security appliance integration. In this blog, I’ll briefly discuss the firewalling and micro-segmentation capabilities … Continue reading →

Posted in Dell, Dell Force10, Labs, Network Architecture, Network Security, Networking, Virtualization and Cloud Computing, VMware | Tagged centralized firewall, Dell, Dell Networking, Dell Networking S4810, Dell Networking S4810 switch, Dell Networking S6000, Dell Networking S6000 switch, Dell S4810 switch, Dell S6000, Dell S6000 switch, Dell VMware NSX, DFW, DFW logging, distributed firewall, Distributed Firewall logging, east-west traffic, Edge Services Gateway, ESG, ESXi, ESXi hypervisor, firewall, firewall logging, firewall virtual appliance, firewall virtual appliances, micro-segmentation, Micro-segmentation with VMware NSX, microsegmentation, microsegmentation with VMware NSX, network segmentation, North-South traffic, NSX DFW, NSX DFW logging, NSX Distributed Firewall logging, NSX Edge Services Gateway, NSX ESG, NSX Security Groups, NSX-V, NSX-vSphere, One-Arm Firewall, perimeter-centric, perimeter-centric security, RBAC, Role Based Access Control, S4810 switch, S6000, S6000 switch, SDDC, security, security appliance, Security Groups, Security Tag, segmentation, Software Defined Data Center, traditional firewall, traffic tromboning, vCenter, VM Name, vmware, VMware DFW, VMware Distributed Firewall, VMware ESXi, VMware ESXi hypervisor, VMware NSX, VMware NSX DFW, VMware NSX DFW logging, VMware NSX Distributed Firewall, VMware NSX Distributed Firewall logging, VMware NSX Edge Services Gateway, VMware NSX ESG, VMware NSX firewall logging, VMware NSX-V, VMware NSX-vSphere, VMware vCenter | 4 Comments