VMware NSX Reviews

The Internet is a nasty place, and getting nastier. Current breach detection products using traditional anti-malware sandbox technologies can’t keep up with advanced persistent and hyper-evasive threats that pummel enterprise networks on an hourly basis. Malware authors encode their exploits with a number of operational vectors, so in case one entry point doesn’t work they can still find a way into your network to do their dirty work. And as more businesses hire more outsourced consultants, part-time workers, and employ mobile devices, they open up additional mechanisms for malware to enter their corporate networks.

Some traditional AV and endpoint protection vendors have responded to these threats by adding features to their security products to do a better job of anticipating badly behaving packets coming through their detectors. They make use of limited virtual machines or operating system emulators to view how a piece of malware operates. That is great, but it isn’t enough. Many malware authors can detect when these simulated environments are active and can evade detection accordingly. For example, some exploits such as W32.DelfInj can literally go to sleep for several days to avoid any detector that will just scan an infected system for the first several minutes.

What is needed is a next-generation sandbox that can correlate a series of particular breach events add IP and object based reputation analysis and do this in near real-time. This is what the Lastline Breach Detection Platform does. What makes them unique is their range of discovery, the way they can effectively mimic actual PC or smartphone endpoints to examine malware behavior.

Download my full review of their system here.

Lastline has four major components:

• Network sensors. Lots of security tools have sensors, and certainly this is the cornerstone of any modern security tool. What makes Lastline more interesting is that it combines IP and domain reputation analysis with malware fingerprinting techniques. 

• Advanced sandbox screening tool. Suspicious objects that are suspected to be zero-day threats are collected from the sensors and analyzed with the Lastline next-generation sandbox, which emulates a complete endpoint system (OS, memory, and peripherals). Other sandboxing tools leave small in-guest code stubs that can reveal they aren’t “real” endpoints; Lastline doesn’t have these clues for malware to key into and looks just like regular computers. 

• Reporting and threat analysis tool. Low-level event data is then collected and correlated into a particular security incident, which then updates an online threat database. For example, just by clicking on a few different menu items, we can see how often the same infection was downloaded by a particular endpoint, or why a particular event led to other activities across our network, or how a piece of malware was attached to a series of different email messages.

• Rich threat intelligence of advanced threats.Known exploits and IP based systems associatedwith advanced malware are highly dynamic and traditional signature-based knowledge bases are ill equipped to keep up. Lastline threat intelligence draws on its global collection of next-generation sandboxes.

They just announced added Mac OS X support, which I didn't get to test. 

It is a bit tricky to install the various components and to get it set up properly. But once you do, you can take full advantage of its features. 

No.

No, indeed this is one of its main benefits. You can scale it up to handle very large networks with their modular and SaaS-based tools. 

To add flexibility to its system, both the next-generation sandbox and reporting tool can be either hosted or installed on-premises.

Their core idea is to run a piece of suspected malware in such a way as to provide the ultimate examination of its operations. Suspected code is extracted from the network traffic flow, analyzed andcorrelated with other network-level events to provide a full picture of what happened. It has one of the most throughout analysis sandbox engines. But what is more important is how they are able to provide actionable intelligence to a wide variety of leading security vendors’ intrusion prevention and unified threat management platforms from WatchGuard, Barracuda, TippingPoint, Juniper, Tripwire and others. Through a combination of application programming interfaces, Lastline can send and receive firewall blocking rules and breach event data to/from the appropriate systems that you have already purchased, so that these threats can be quickly stopped.

Yes, there are other sandboxing securing tools out there, but they aren't as thorough as what Lastline does.

Vendor team was first rate.

What I found most valuable is the security offered by VMware NSX. I also like that it is a feature-rich product.

VMware NSX should be able to scale for different customers, even the big ones. Its scalability needs improvement. Stability for it should also be improved.

An additional feature I'd like to see in the next release of this product is for it to have more integration with other public clouds.

I have concerns on the stability of VMware NSX, because it breaks multiple times in customer environments, especially when you scale it across a big data center.

VMware NSX still has a lot of scalability limitations, and needs improvement on how it can scale.

The support for VMware NSX has not been good recently. Some of their experienced staff have left the company, and that has impacted all their business units, including support.

VMware NSX is straightforward to install and configure, but for a user who's new to it, the product can be somewhat complex to understand, though not too complex.

The pricing model for VMware NSX is good, especially because it has a lot of features.

VMware NSX is a good product. It's the best solution in terms of the Enterprise FTN.

I'm quite competent on this product, because I've been working on it for a long time, so I find it easier to use.

I'm rating VMware NSX nine out of ten.

NSX gives us the ability to put our network, NSX, onto any network there is, which allows us not to have to go to the network team to create networks our VLANs for networks. We can just create all our networks right from the start. Whenever we want to spin something up, we just spin it up.

So far, what I've seen here at VMworld, it seems to be improving just the same line as everything else. It's going to expand, grow and grow and grow. It's going everywhere. It's not just going into "I'm using the V version of NSX," but it's going out to every environment. It's going out to all the clouds so that even if you have the V, you can also use the cloud part and put it into there, so it seems to be growing where it needs to go.

It still needs to grow. There are still some features that it doesn't do, like it doesn't do multicasting. It does do some multicasting, but it's within their own infrastructure, but multicasting in general, it doesn't do.

So far, it's been very stable. I've used it since the very beginning and it's been very stable in the beginning, and as they've added more and more features, it's become more and more stable in the environment; that is, better in the environment because we're able to use more and more features within it.

So far it's been very scalable, and with the new versions that are coming out, it's even more and more scalable. They've added more and more features of routing that they didn't have in the first versions, which allow it to be more scalable. It's become better than the actual infrastructure, the original network infrastructure that's there, because we can lay it on anything and it will scale to any part of the network that we want.

So far, I've had very good tech support. A lot of the guys we talk to are very knowledgeable, and if they don't know it, they're able to talk to others within their group that will know it. So I've gotten very good results from them.

The installation is very straightforward. The part that gets complex is how you do your routing, how you do your ESGs, how you set up the actual network itself within it. But once it's set up, you just create virtual switches and put any network you want on it. It becomes almost seamless.

In terms of criteria for selecting a vendor, it's a little of everything. It's the reputation that they have, but it's also more of the tech support, as well as the documentation that they have, because not everybody in their environment, as well as your own environment, knows everything. So you have to be able to look up stuff and have that knowledge to be able to do it, as well as allow them to do it.

They have a lot of good KB articles on what's going on, so if you need a problem solved, you look at that first and you'll be able to find it pretty easily.

Some of NSX's most valuable features are:

• Its distributed firewall
• The we can actually extend Layer 2 networking across datacenters, and also Layer 3 networking, which comes along with it.
• The routing and switching.

They could branch out to the physical layer. Today, it's just the virtual layer, and they're starting to talk about the physical layer. We'd like to see the physical layer incorporated.

We've been using NSX now with Layer 2 stretching for approximately 10 months. We're getting ready to really ramp up the DFW, which is the distributed firewall piece, which we and our security team are very excited about.

NSX is a very stable product.

We've already scaled it across two data centers. We'll be incorporating two additional data centers, to give us that footprint, or IP address migration across four data centers. So, it's quite scalable.

The tech support for NSX is awesome. We are a premier production customer for VMware, therefore the tech support and the tech support representatives don't start a lower level. We start at the mid-level of the tech support engineers. Thus, we get answers very quickly. We also work with our technical account manager who knows what we're doing and what we've got coming up, so he's able to push things for us on the tech support side.

Our tech support's awesome.

The most important criteria when selecting a vendor (like VMware), it's important to us that they have the following:

• Their name recognition.
• The support that they provide.
• Their placement in the industry as a leader.
• The things that they're doing with NSX, which are phenomenal.

We're a supporter of VMware, and likewise they're a supporter and a partner with us and what we're doing.

It's really a great product. It fits all of our needs. Everything that we've asked it to do or asked VMware to help us get done with it, we've been able to do. Therefore, we're very excited about the product.

It is helping me get an entire blueprint done of the source and the target. I was able to make it into a catalog and can set up anything on the cloud quickly. 

The best part is the blueprint creation where I can create their things and then move on to the target environment.

The price is pretty high and their product stack forces me to use the feature set compared to all the others out there in the market from India. They could do more with cloud management, I need some third-party tools.

I have been using VMware NSX for the past four years.

VMware NSX is a stable solution.

The scalability is not a problem.

It was complex, but we worked on all the templates and now it is easy.

I would recommend getting your case worked out well before you get into any customer environment. When it comes to an out-of-the-box feature set on the website, it is not how it really works. Do the POC before you go into a real-time production implementation. I would rate VMware NSX an eight out of ten.

Our clients consist of enterprise companies. 

From my experience, VMware on a private cloud is a good choice. They offer some great webinars and workshops to learn how to use the product better.

Over the last two years, they've enhanced a lot, especially in regard to integration with OpenStack.

It's great for building a virtualized environment. It features great motion mobility, its own logical distributor, router switches, load balance, firewall, etc. 

I have been using VMware NSX for four to five years. 

Personally, I find VMware NSX to be very stable. 

They need to enhance their technical support. There is no comparison between VMware technical support and Cisco's technical support. It's one of the main criteria that everyone is looking for.

The initial setup was straightforward. Deployment was very easy.

VMware NSX is expensive and everything is licensed. We have to pay for each individual feature. 

Be sure to read over the documentation on their website. They announce a lot of webinars and workshops for the product. It's good marketing and you should attend them. 

Overall, on a scale from one to ten, I would give this solution a rating of six. 

I work with two different companies with different large cloud environments. 

This product is a software-defined network, and that allows you to create virtual access networks and managing security to allow for different workloads.

The solution offers a very good software-defined network that allows you to create virtual access networks. It's very helpful at allowing you to manage security to allow for different workloads. 

One of the big improvements between the NSX-V and NSX-T is that in NSX-T you are no longer dependent on V-Center anymore. That was a huge improvement due to the fact that it allows you to take into account new cases, and have better scalability, among other improvements.

There is always room for improvement, in any solution. 

In some cases, this product is very technical. 

Some configuration maximums are limiting to the user, especially when it comes to the deployment of very, very large environments. There are limits to the number of firewall rules, security groups, et cetera. With the number of security groups, you can nest all these limits, however, somehow limiting the use cases may be restrictive for the free design of different use cases.

I've been working with the solution for a while at this point. It's been at least a couple of years.

The scalability capabilities have improved in NSX-T. It is much better than when the NSX-V version was out.

I work with two different clients, both of which are quite sizeable. They have thousands of machines and thousands of security groups.

I didn't work with another solution per se, however, the previous triggered cloud tool that we had was by VMware. It was not really, at least at the very beginning, a tool for a software-defined network, however, there were some elements that allowed you to create customer networks practically on the fly. There were also some other network visualization techniques, which allowed you actually to encapsulate the traffic and to create networks on the fly. You had some security constructs, including tenents constructs, that you can find somehow in the VRA today. The tenant concept is also present in NSX.

Our customers can use the solution for free, however, this comes with restrictions.

We are consultants and integrators. We have a business relationship with VMware.

I am working with both NSX-V and NSX-T. The latest one is actually NSX-T.

On a scale from one to ten, I would rate it at an eight.

Security. Our Trend platform runs off NSX.

We use the solution strictly for security.

Roughly six months.

We didn't have this issue, but I would recommend to others looking at this solution to make sure that their hardware is compatible.

It seems to be taking care of our whole environment. It seems to be pretty scalable.

I have not used it, but my coworker has. Every time he talks to them, they're easy to get a hold of; very knowledgeable and they solve his issues right away.

If you put in a trouble ticket, they contact you very quickly (in response). If there is a problem, it usually isn't around very long. They jump on it, fix it, and it's done.

We were on McAfee, and we switched to Trend. We switched to Trend because Trend supports virtual environment a lot better than McAfee does.

Trend migrated in a way that it will only work with NSX. The older version of Trend that we were on worked without NSX. The newer version does not. Now, we use NSX in conjunction with Trend.

We upgraded Trend to keep up-to-date and all the security loopholes closed.

Most important criteria when selecting a vendor:

• They have to be able to support the environment you're running.
• The service and support is a big must. We work at an Enterprise level, so sometimes you can't go with the little new guy. You need that 24 hour service and support, seven days a week. It is very important for us.