Networking for the SDDC
NSX network virtualization is a transformative architecture from VMware that enables the full potential of a Software-Defined Data Center, making it possible to create and run entire networks in parallel on top of existing network hardware. This results in faster deployment of workloads, as well as greater agility in the face of increasingly dynamic data centers.
- Create a flexible pool of network capacity that can be allocated, utilized and repurposed on demand.
- Decouple the network from underlying hardware and apply virtualization principles to network infrastructure.
- Deploy networks in software that are fully isolated from each other, as well as from other changes in the data center.
NSX reproduces in software the entire networking environment, including L2, L3 and L4–L7 network services within each virtual network. NSX offers a distributed logical architecture for L2–L7 services, provisioning them programmatically when virtual machines are deployed and moving them with the virtual machines.
With NSX, you already have the physical network resources you need for a next-generation data center.
Agility and Streamlined Operations
You can deploy NSX non-disruptively on top of your existing physical infrastructure. Just as with server virtualization, NSX network virtualization lets you treat your physical network as a pool of transport capacity, with network and security services attached to workloads using a policy-driven approach.
- Reduce the time to provision multi-tier networking and security services from weeks to minutes by creating virtual networks. Each network is customizable for its supported workloads and isolated from all other virtual networks.
- Leverage a new operational approach to networking as you programmatically create, provision, snapshot, delete and restore complex software-based networks.
- Develop, test and deploy new applications faster by aligning network and security provisioning with compute and storage provisioning.
Security and Micro-segmentation
NSX brings an SDDC approach to network security. Its network virtualization capabilities enable the three key functions of micro-segmentation: isolation (no communication across unrelated networks); segmentation (controlled communication within a network); and security with advanced services (tight integration with leading third-party security solutions).
Key benefits with micro-segmentation:
- Network security inside the data center: Fine-grained policies enable firewall controls and advanced security down to the level of the virtual NIC.
- Automated security for speed and agility in the data center: Security policies are automatically applied when a virtual machine spins up, are moved when a virtual machine is migrated and are removed when a virtual machine is deprovisioned—eliminating the problem of stale firewall rules.
- Integration with the industry’s leading security products: NSX provides a platform for technology partners to bring their solutions to the SDDC. With NSX security tags, these solutions can adapt to constantly changing conditions in the data center for enhanced security.
Platform for Advanced Networking and Security Services
Change in traditional networks can be slow and error-prone, making them poorly suited to the fluctuating demands of the data center. By contrast, you can configure virtual networks with NSX dynamically and automatically, adding new services—whether they are virtual or physical—as needed.
NSX is the networking foundation for the SDDC, giving you the tools to:
- Integrate advanced functionality from leading vendors: The industry’s best providers of software and hardware for networking and security have integrated with NSX, making it possible to meet the demands of the most sophisticated data centers.
- Automate the delivery of network services: NSX allows cloud management platforms to automate the delivery of network services, eliminating the need to manually reconfigure physical network devices. You can then build advanced workflows to automate provisioning of networking and security, including switching, routing, firewalling, and load balancing.
- Bridge the physical and virtual parts of the data center: NSX enables you to connect your virtual networks to physical workloads and legacy VLANs. Products from VMware’s technology partners extend this capability to physical switches as well.