Zoom Logo

VMware NSX Data Center Technology Roundtable - Shared screen with speaker view
Washington DC VMUG
14:59
Thanks for joining us, we appreciate the support! Please remain on mute and kindly off hold on any questions until the end of the session.
Washington DC VMUG
28:49
If you're not presenting, please turn your video OFF. Thank You.
Sean Whitney
47:23
Don't be shy to ask questions here in chat everyone, Tom and I are continually monitoring.
Gregory Digsby
48:30
okay you saying each vm has it own policy which goes when the vm machine move from one area to another correct
Tom Rumland
48:58
that’s correct. picture a fw attached every single vnic
Seamus Lavery
49:05
How many instances of companies trying to go ACI as well as NSX have the team seen ? Is there still the concern about backing the wrong SDN horse?
Tom Rumland
49:09
when the vm moves the ruleset follows
Gregory Digsby
49:19
okay thanks
Gregory Digsby
49:53
that a good thing to know
Tom Rumland
50:37
we see it occasionally. the key is “better together” in the sense that you can use NSX to secure and virtualize your VMs and leverage ACI to manage the physical underlay programatically
Seamus Lavery
50:50
One of my client's main decisions to implement NSX was the Identity Firewall - so FW rules are applied to different users based on AD group membership - can't do that with a H/W firewall :-)
Tom Rumland
51:22
there’s a bunch things you can’t do with a physical fw ;)
Sean Whitney
51:50
Seamus - It depends on what the customer is trying to accomplish. However, from experience, the majority of my customers who are running ACI explore NSX as well for the security features.
Seamus Lavery
52:37
The sticker shock for both ACI AND NSx can we eye watering
Seamus Lavery
52:55
can be
Tom Rumland
53:13
yes! the folks that do both tend to be larger and have very deep pockets
Andrew Howell
54:48
Is there a limit on the number of security tags that can be applied to a VM?
Washington DC VMUG
55:27
Do you recommend folks to start planning/migrate from NSXv to NSX-T due to at some point v will not longer be around?
Seamus Lavery
55:38
From what I've seen one of the challenges of the SDDC in general for some companies is that their support models are very silo based - with ownership of network and compute and storage and security traditionally falling under different towers and they don't like the new One big SDDC team model :-)
Tom Rumland
56:03
Andrew, yes. i think its 32
Sean Whitney
56:04
Yes - absolutely. All new features are in NSX-T (NSX Intelligence, Federation, Cloud, Containers, Bare Metal, etc).
Sean Whitney
56:59
Agreed, Seamus. Lot's of valid points, it's a change in order to support the digital transformation :)
Tom Rumland
57:57
VMUG - yes. NSX V is in maintenance mode and will be EoS in 2022. We do have a program to help folks migrate to T. Please contact your VMware team to talk about that.
Timothy Kaso
57:58
We have a multi-tenancy environment with no central AD. Is there any integration with products like AppGate or Cisco ISE to use the identity established to set roles in NSX?
Gregory Digsby
58:32
this can cause issue with security and the VM ware team if there not on the same page I have seen this before
Tom Rumland
59:40
Timothy - we can integrate with VIDM. What I don’t know is if VIDM integrates with those products. We also support LDAP, btw, so that may help.
Tom Rumland
01:00:46
Gregory, we will have a Q&A at the end. Please bring it up then.
Gregory Digsby
01:00:55
okay thanks
Sean Whitney
01:01:16
I don't believe we integrate with either. We have 12 RBAC roles as well as Tom mentioned we integrate with AD and LDAP.
Washington DC VMUG
01:05:11
Great Jeopardy nugget Tom! :-)
Tom Rumland
01:05:24
;)
Washington DC VMUG
01:20:24
If you have any questions, please post them in this chat session. Thanks!
Steven Kisiel
01:21:11
How does cost work with advanced load balancer if you already have NSX
Seamus Lavery
01:22:16
They ALWAYS blame the network :-)
Andrew Howell
01:22:34
@StevenKisiel You act like you have not $$$
Steven Kisiel
01:22:59
http://www.isitthenetwork.com/
Tom Rumland
01:25:10
Steven - The LB is a separate license and is calculated by vCPU used by the Service Engines. We have a tool that cat can read your F5 config and produce a sizing quote as well as configure the ALB when you deploy it.
Seamus Lavery
01:36:44
How is the adoption of VIO ?
Seamus Lavery
01:37:02
Are you seeing a lot of uptake?
DaveM
01:37:54
I have extensive VMware experience and am highly interested in getting more acclimated with NSX. Where would you all recommend is a very good starting point, other than these webinars/webcasts? I have some NSX knowledge, but pretty much green.
Douglas Yablonski
01:38:58
Hand on labs!!!!
Seamus Lavery
01:39:05
With the current crisis will we expect to see changes in companies' IT Strategy re WFH and accelerated exiting from DCs ?
Tom Rumland
01:39:14
https://labs.hol.vmware.com/HOL/catalogs/catalog/1212
DaveM
01:39:21
awesome, thanks!
Tom Rumland
01:39:22
Look for HOL-2026-1
Aaron Sevier
01:39:57
Will NSX-T be available via VMUG advantage?
Douglas Yablonski
01:40:00
All VMware products. not just NSX. But that's the best
DaveM
01:40:03
great, thanks guys!
Aaron Sevier
01:40:38
Thank you
Andrew Howell
01:40:49
With that said NSX-V license works on -T
Gregory Digsby
01:40:50
okay thanks good information
Aaron Sevier
01:41:14
Perfect, thank you!
Seamus Lavery
01:41:16
you need a beefy home lab set up :-)
Aaron Sevier
01:41:25
No problem with that ;)
DaveM
01:43:50
very good, thank you guys!!
Seamus Lavery
01:43:51
many thanks
Steven Kisiel
01:43:55
Thank you