VMware is advancing its Software Defined Networking (SDN) vision with a major update for the NSX virtual networking platform.
NSX-T 3.0 became generally available on April 8, marking the first major milestone update since NXS-T 2.5 was announced last August. VMware built NSX on technology gained via the $1.2 billion acquisition of Nicira in 2012 and has steadily improved the technology over the past 8 years.
Among the major new features that have landed in NSX-T 3.0 is a new federation capability that can enable organizations to federate multiple disparate networks into a logical topology.
"NSX Federation in NSX-T 3.0 helps deliver a cloud-like operating model by simplifying the consumption of networking and security constructs," NSX SVP Umesh Mahajan explained in a blog. "It introduces the NSX Global Manager, a centralized console for managing the network as a single entity while keeping configuration and operational state synchronized across multiple locations."
In a video detailing the new NSX Federation, Dimitri Desmidt, Senior Technical Product Manager at VMware, said before Federation, all NSX customers with multiple sites had to manage each site separately, and managing on-premises sites alongside different multi-cloud deployments also had to be done individually. The NSX Global Manager can now be used to deploy and manage the different NSX-T 3.0 deployments and to keep a uniform security policy as well.
The different NSX-T deployments are not just IP-based, but can also be grouped with what Desmidt referred to as "dynamic membership," which includes VM names, tags and other types of logical groupings.
Federation Aids Disaster Recovery
Beyond just enabling easier and more consistent management, NSX Federation can also be used to configure networks that are stretched across multiple disparate geographic locations.
Desmidt said that with a stretched network, failover and disaster recovery can be designed as part of the network deployment and operational model.
Security also gets updated in NSX-T 3.0 with the addition of a distributed Intrusion Detection System (IDS) that is an enhancement to the existing service defined firewall. VMware first announced the firewall a year ago.
"Unlike traditional architectures that hairpin traffic to discrete appliances, NSX Distributed IDS/IPS distributes the analysis out to every workload and curates the signatures evaluated by each engine based on precise knowledge of running applications," Mahajan explained.
Sean Michael Kerner is a senior editor at EnterpriseNetworkingPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.