VMware NSX Reviews

We are using VMware NSX primarily to enable address mechanisms in terms of having to provide the workloads publicly.

In India and similar regions, the CSP faces a significant challenge. The primary issue is related to network address cancellation, which requires private to public IT mapping and the use of the CSP's own IP address space. VMware NSX has been effective in addressing this problem, along with the virtual firewall's ability to function as a network firewall. This has helped to minimize the need for customers to take responsibility for their network security. In these regions, customers expect full-service solutions and do not typically embrace DIY approaches. An analogy for this situation is that if a customer buys a toothbrush from you, they might expect you to brush their teeth for them.

VMware NSX's overlay network is its most valuable feature, as it aligns with any network philosophy and allows for efficient addressing mechanisms. Additionally, the ability to extend the on-premise network into the provider space is beneficial. There are many features provided.

There is room for improvement in VMware NSX's workload management, particularly in the orchestration layer and in managing workloads across multiple clouds.

Additionally, where workload management could be improved is in the ability to federate workloads seamlessly between different control panels. For example, if I am using VMware vCenter as my control panel and have partnered with a non-VMware provider, I should be able to manage my workloads as a customer without having to worry about orchestration. This is an area where there is potential for improvement.

I have been using VMware NSX for approximately eight years.

The scalability of VMware NSX is similar to other solutions. It is scalable.

I rate the scalability of VMware NSX a seven out of ten.

We did not have local support to go to in India. There is no support center here.

I have used Qumulo but we needed to buy a switch for it which was not favorable.

The initial setup of VMware NSX is not complex. If someone has an understanding of how networks work it will be easy. It can take some time to be completed. For example, to configure the solution with the correct commands.

The implementation time can vary depending on the clarity and complexity of the requirements.

When comparing VMware NSX to OpenStack, VMware NSX is simpler to implement.

I rate the initial setup of VMware NSX a six out of ten.

The price of VMware NSX is optimal. Additionally, the price of the solution can be negotiated with the vendor. Many areas of the solution can impact the cost, such as features, time for onboarding, and support needed.

We evaluated other options before choosing VMware NSX.

VMware is a pioneer in virtualization, they are good at what they do. They score high overall in capability.

I rate VMware NSX an eight out of ten.

The solution is primarily used for micro-segmentation for the security of virtual machines.

VMware NSX offers some of the best features for security, such as micro-segmentation. This feature allows us to define policies on a per-virtual machine basis. For example, if we have four virtual machines, we can have four different firewalls attached to each of the VMs. This allows us to monitor the traffic between each VM, as they will have to go through two firewalls or two IPs. This added layer of security provides a great benefit to those utilizing the solution.

Despite being somewhat behind in the cybersecurity field, VMware should develop a cloud and a red team to continuously monitor for new malware and ransomware. They must maintain their own cloud to do their own research, and send the resulting hashes or values to all customers using VMware NSX. This will ensure that each customer is regularly updated with the latest malware and ransomware hashes to keep their systems secure.

Web filtering is a good feature that I would like to have added to the solution.

I would like the ability to limit the bandwidth per virtual machine to ensure that I understand the throughput requirements of any application that is running. This way, I can be protected from the risks of a DoS or DDoS attack, which may require a high level of throughput. This limitation would apply to Layer 4 or Layer 5 of the network.

I have been using the solution for three years.

VMware NSX is stable.

The great advantage of VMware is its scalability and hardware independence; The solution is compatible with a wide range of server brands, including Dell, Lenovo, HP, and Cisco.

My job was to offer consultancy, demonstrations, and conceptual approval to the VMware official team and their partners.

Positive

Of all the cybersecurity vendors we have, the installation of VMware products is the most straightforward. The time needed to deploy depends on the purpose of the use case. Complex tasks between two data centers could take up to four days, whereas micro-segmentation would usually take only two days.

I give the solution an eight out of ten. The solution is missing the red teams and R&D necessary to continuously receive updates from the cloud. Additionally, two other features are absent from VMware NSX which are bandwidth limitation and URL filtering.

We have two people using the solution. I'm the only architect, and the other person is mainly responsible for checking logs to determine if any resources are needed and then assigning those resources to the appropriate virtual machines. 

For someone who wants to secure their data center and three-tier application architecture (database, web application, etc.), they should use micro-segmentation with VMware NSX. This would enable them to set policies on a per-virtual machine basis. For example, if each VM has two virtual NICs assigned to it, each virtual NIC would have its own firewall, policy, and IP. This way, even when two virtual machines need to communicate with each other, their traffic will pass through two separate firewalls within the server. In addition to micro-segmentation, NSX also provides switching and routing services. The use of a data center firewall can be cost-effective for enterprise customers, SMBs, and medium-sized customers. By utilizing the routing, switching, and firewall capabilities provided by the data center firewall, the load on data center switches and routing can be reduced, making it a more cost-efficient option. The throughput required by the data center firewall, be it a Fortinet or Palo Alto Checkpoint, is directly proportional to the cost. With increased throughput, the cost of the firewall will also increase. VMware NSX offloads the workload from the data center firewall, taking on the task itself. This is possible without impacting performance because it is a software firewall, so it absorbs all the load from the data center firewall, providing the same security measures as the legacy firewall would.

This product is a software-defined data center with a cloud-native approach. We mainly use it for application migration of some of the architecture to containerized solutions.

The management platform is great. I really like the management dashboard, the tailor-made assurance, the telemetry, and the ease of integration with all other solutions of VMware, such as vSphere. They also integrate well with other third-party security platforms. It's very easy to give an integration of the cloud tenant of NSX. It's very easy to build and migrate a cloud project.

It's very complex. However, I don't work directly with it typically.

We had started two projects for integration with OpenShift and OpenStack with NSX. It was declared by VMware that this is possible, however, the process is very tricky. The full integration was delayed to wait for a new official release. I don't know the actual stage, as this is something that happened more than a year or two ago. It was the beginning of the pandemic. In any case, the integration with OpenShift, the open-source cloud platform, at the time was in need of work and was (and remains) something required from our customers. 

They have to work more and more on the integration for public cloud services and have cyber security platform integration.

I've been using the solution for about five years. 

The solution is stable. There are no bugs or glitches. It doesn't crash or freeze.

It seems to scale. However, we don't have enough data in order to say how much clients scale out or the performance when a company is trying to scale out an NSX-T environment. We are not a cloud provider. We don't have a cloud environment to test it.

In terms of who is using it on our side, we have about five to seven people who have the operational capability on NSX-T. 

In our organization, we use only a small NSX-T cluster. We have a bigger one for our lab. I can't speak to the usage of our customers where we deployed it.

We're pretty satisfied with technical support.

We previously used OpenShift together with OpenStack. It's a different platform. One is open-source and the other is a commercial platform with vendor support and established customers.

The initial setup is very simple. It's not overly complex.

All the VMware platforms are really easy to implement. They require knowledge, of course. However, if you follow the procedure, the output is good.

The deployment itself doesn't take more than two or three days. 

That said, we have knowledgeable workers that have done NSX and the previous release (not the NSX-T). They have done deployments several times. That's why, each time, it's really easy to do. If you have to do that in a customer production environment, it will take say no more than one week including both the deployment in production and the training for the customer.

We have three people that can handle deployment and maintenance tasks. 

I can handle the implementation myself. We also have trained people inside our organization. We don't need the assistance of integrators or consultants.

I can't speak to the exact licensing costs of the solution.

Most deployments are on-premises or via a private cloud in the case of enterprise clients.

We started several deployments with NSX-T version 3. I can't speak to which version we are on currently.

It works and it is powerful in terms of governance, telemetry, ease of use, and ease of deployment. The operation is very simple. Of course, you have to train someone in order to use it effectively. It's very easy to find training. For us, it's good to have a third party with enough experience in order to support other projects where we don't have enough people in order to do that.

I'd rate the solution at an eight out of ten.

Our primary use case is moving from physical to VM infrastructure.

This solution has given us the ability to move from a physical to a virtual server estate with all of the expected VM benefits of decoupling servers from dedicated hardware.

The most valuable feature is the ability to create, develop, and deploy servers in minutes to hours, rather than days.

It could be cheaper!

I have been using VMware NSX for seven years.

To be able to do the DR and SRM migrations from datacenter to datacenter, we're able to do them with SRM with VXLAN, with the NSX product.

Just being more knowledgeable about the different functions. I think the product is fine. It's just learning more about the product, and how you can benefit from it, and what it's got to offer.

Very stable. We've had great success with it. It's a different mindset for the actual network folks that are used to building an old traditional way, but it's much faster to get things deployed with firewall rules.

It's definitely scalable, however large, however small. We can bring people in with VDI desktops, with a control set already around that, to be able to control what they get without having to create a new VM and recreate all the policies. It's already done upfront.

It's great, if we have any problems at all, we give them a call. If there's something that's new that we're trying to figure out, they're real good about helping us out.

At first, it was a little complex, but it's more internal, just learning a new product and what it can do for you. But once you get all that set up, and done with the collaboration, and the other groups, it's really not that bad.

In terms of selecting a vendor, our end goal is to be able to accomplish a certain function that we need to for the business. But also, if we have any trouble, to be able to call and get some support, and work through those issues without, "You bought the product now, so you're on your own." They've been real good about support.

It's changed the way we do things. It's made things a lot more easy. Once everything's set up, and you have the collaboration from all the other different groups, it just works. It's going to help me be able to do a lot of the DR stuff that I'm working on with VXLAN, working through NSX and all those rule sets.

The tool is very useful for cloud providers who need to manage things like Microsoft Enterprise.

The performance is good.

The setup is complex and should be made easier.

I have been using the solution for three years.

It is a stable solution.

It is a scalable solution. Good to scale in and scale out, and add benefits resources. Customers use it across the globe.

The technical support team is dependable because we use the service a lot of time. We opened a lot of cases and it was solved.

The tool's setup is complex. When I deployed it myself, it took less than one day.

We can do many things with NSF; for now, most of the things are the micro security capabilities and features. I recommend the solution. I rate it eight out of ten.

We are using VMware NSX for network security.

It is used for Tanzu, it is successful for our Kubernetes environment.

The most valuable features are ease of use and user interface.

The security feature for the Kubernetes environment can be improved.

I have been using this solution for approximately one year.

The solution is stable.

The solution is scalable. 

We have approximately 10 users using this solution in my organization.

We have been satisfied with the technical support. They were able to solve our problems. However, they could be faster.

Positive

The installation is straightforward and it took approximately two days.

We did the implementation ourselves. We have a manager and an administrator that does the maintenance of the solution.

There is a license required for this solution and there is also a support license available. 

The price of the solution could be better.

I would recommend it to others.

I rate VMware NSX ten out of ten.

We use it as a distributed firewall and for security purposes.

It has reduced the number of people on the network team along with the system engineer involved in the security process. So, it is valuable.

We can't go without NSX, so it's invaluable from this perspective.

Its flexibility and integration with other VMware solutions are NSX's most valuable features.

The microsegmentation feature is very useful.

We would to have a reverse proxy. This would add great value to the solution. 

We would also like better integration with the standards on the market. For example, with OSPF, their integration in NSX is very low. It's not a full OSPF integration. It is too thin from a protocol perspective.

The product need to be improved. It is too complex.

The stability used to be perfect. Now, it is okay.

From a distributed firewall perspective, it's a solid solution.

It is scalable by design, so it's perfect.

The technical support is good. We have encountered several problems with NSX, and every time, support has found the solution to resolve the issue. 

In our company, we were starting a hosting solution, so it was by design. We have worked with VMware products for a long time, so it was natural to buy NSX.

It was a complex setup.

We implemented it ourselves.

The solution is expensive.

We did not consider anyone else.

If someone is looking for security in a vSphere environment, I don't know of another solution in the market besides NSX.

We had to buy new hardware in order to introduce NSX into our data center.

We don't use load balancing with this solution.

We don't use vCloud Director.