What needs improvement with VMware NSX?

A basic load balancer feature was present in a previous version, but the latest version only has an advanced load balancer. The vendor should integrate a basic load balancer in future versions. The advanced load balancer is mostly suitable for system integrators, but it is not usable for our company dimensions.

The network-extending capabilities for the physical environment need improvement. Instead of virtualization, the ability to add physical servers to the network could be enhanced.

Since most people are very much used to physical networking, they find it difficult to use VMware NSX in the initial stage.

One aspect that needs improvement is the need for further automation. We are already operating in a software-defined data center environment, and while the product is mature, there's room for enhancing automation.

I believe we need to attain a certain level of maturity and work closely with multiple customers to make substantial improvements and achieve notable results. The feature it can improve is essentially application-based load balancing with intelligent load distribution for applications that require redundancy and high availability. This feature operates at a micro-level, specifically focusing on the payloads of applications. To clarify further, I believe that if NSX offers this functionality along with robust security measures for application payloads, it would greatly benefit customers. Instead of investing in additional devices or appliances for load balancing and security, organizations would likely prefer to leverage NSX's integrated capabilities in this regard.

The tool's setup is complex and we need support to implement it.

The solution could benefit from improvements in its pricing and scalability.

There is room for improvement in VMware NSX's workload management, particularly in the orchestration layer and in managing workloads across multiple clouds. Additionally, where workload management could be improved is in the ability to federate workloads seamlessly between different control panels. For example, if I am using VMware vCenter as my control panel and have partnered with a non-VMware provider, I should be able to manage my workloads as a customer without having to worry about orchestration. This is an area where there is potential for improvement.

The solution could improve by having a more streamlined setup.

NSX's stability could be improved.

Despite being somewhat behind in the cybersecurity field, VMware should develop a cloud and a red team to continuously monitor for new malware and ransomware. They must maintain their own cloud to do their own research, and send the resulting hashes or values to all customers using VMware NSX. This will ensure that each customer is regularly updated with the latest malware and ransomware hashes to keep their systems secure. Web filtering is a good feature that I would like to have added to the solution. I would like the ability to limit the bandwidth per virtual machine to ensure that I understand the throughput requirements of any application that is running. This way, I can be protected from the risks of a DoS or DDoS attack, which may require a high level of throughput. This limitation would apply to Layer 4 or Layer 5 of the network.

A room for improvement in VMware NSX is that it has some security vulnerabilities, which means my company has to apply the patches every once in a while.

The solution is only sold as part of a bundle and not as an individual product. Some customers only need vSphere or NSX for their use cases, but account executives focus on bundles so this is a problem. Account executives need to talk with both systems and security staff to get a full picture of the environment's requirements. For example, systems staff have no need for the solution so they will never deploy it.

In the next release, they should enhance the visual interface. With NSX-T, it's difficult to communicate between the public cloud and the container.

I haven't found any shortcomings. It might be nice to have more AI in the future. It would help keep us from redesigning every time.

The integration with other brands is not the best and could be better.

They have some limitations in the firewall features as compared to the on-prem or dedicated hardware appliance. They can add more features, such as IPS and IDS, to the cloud firewall.

It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement. It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments. It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions. It does not integrate well with many platforms.

There were some issues in finance and other accounting. The applications there are very old. To move these applications, we had to use some controls or web services for programming in a new program, for example, in Python or visual C#. You have to move these applications to new programming software. It was very, very complex to move them. However, we ended up doing it very well. ESX servers are a part that they don't implement. The client that this part of the VMware is important. You can implement more virtual machines using ESX server infrastructure. However, they couldn't complete this part since, for some arrangements in the contract, they don't put it in the contract. They need to buy new licenses to complete the project.

The price is pretty high and their product stack forces me to use the feature set compared to all the others out there in the market from India. They could do more with cloud management, I need some third-party tools.

VMware NSX can improve the migration tools from the older environments to the new environment. For example, the NSX-V has become a legacy solution, it's out of support, but customers are able to keep using it. For migration purposes, it's better for them to provide a proper tool. It will be easy to migrate from an old environment to a new one.

VMware NSX should be able to scale for different customers, even the big ones. Its scalability needs improvement. Stability for it should also be improved. An additional feature I'd like to see in the next release of this product is for it to have more integration with other public clouds.

VMware NSX provides a lot of automation capabilities, but there is still room for improvement.

The solution can improve by making it more straightforward, easier to install and maintain in the environment.

It isn't easy to deploy.

It's very complex. However, I don't work directly with it typically. We had started two projects for integration with OpenShift and OpenStack with NSX. It was declared by VMware that this is possible, however, the process is very tricky. The full integration was delayed to wait for a new official release. I don't know the actual stage, as this is something that happened more than a year or two ago. It was the beginning of the pandemic. In any case, the integration with OpenShift, the open-source cloud platform, at the time was in need of work and was (and remains) something required from our customers. They have to work more and more on the integration for public cloud services and have cyber security platform integration.

VMware NSX could improve by having more compatibility with other none Window-based operating systems.

VMware NSX needs improvement.

I cannot recall coming across any missing features. At this time, there is nothing I would need in a future release. Occasionally the licensing is not very clear. They should make it easier to understand.

NSX-T supports more platforms, and VMware NSX only supports some platforms like KVM. I want to see support for Hyper-V and other hypervisors. Their technical support could be faster as well.

Any technical product has its own limitations in one place or another. Our technical team is always looking for the solutions that they work with to offer more convenient integrations.

One drawback is this solution requires a lot of other products in the VMware ecosystem to have a full end-to-end operation orchestration monitoring. You have to buy a lot of add-ons to fully utilize the functionality. Some additional features in the next release could be for the solution to be more directed toward the end-to-end functions, from physical to virtual monitoring. It should also include streamlined troubleshooting of our operation.

There is always room for improvement, in any solution. In some cases, this product is very technical. Some configuration maximums are limiting to the user, especially when it comes to the deployment of very, very large environments. There are limits to the number of firewall rules, security groups, et cetera. With the number of security groups, you can nest all these limits, however, somehow limiting the use cases may be restrictive for the free design of different use cases.

The technical support could use some improvement.

The product is quite complex and that could be an area where improvements could be made.

There are always issues integrating with Cisco. Switching is always a big problem for us because our switch is not supported. If the integration was more open, then it would be good.

Traffic flow introspection topology visibility is definitely needed because at the moment, NSX-T lacks in this area. A hardware scan of the ESXi host for possible incompatibilities should be added to NSX-T/vSphere, as it would allow us to know in advance, for example, if a pNIC is not compatible with a version of vSphere before moving forward with an NSX-T deployment. It needs a better, integrated migration tool. Something like RestNSX with more elaborate capabilities from a troubleshooting perspective and pre-migration perspective would be an improvement.

I would like to see improvements made to the certification process. As it is now, you have to do the training with VMware itself, and you have to spend a lot of money doing it, which is very discouraging. If you compare other certifications especially from the cloud providers, you can get trained from your choice of training providers and not very expensive or learn on your own at your pace, prepare for exams and pass and your certificate will be issued. In contrast, you have to register under VMware to get training done at minimum of $3000 before your certificate is issued to you. The training costs a minimum of $3,000, which is expensive and should be reduced.

The routing functionality needs to be improved, as there are lots of bugs in the system. I would like to see automation capabilities in the deployment process.

Everybody needs a network to connect to, and VMware doesn't readily provide one. It is reliant on an existing network to connect to, which means that for me, it requires two different teams to manage the SDN.

It could be cheaper!

* vRNI * Improve integration with many third-party solutions, because only Palo Alto and Check Point, and VMware would be like improve this integration with other vendors.

The engineering team has room for improvement. They should have more of a Knowledge Base about different case studies and should develop more advanced features. These kinds of improvements will change the way things get done.

At the moment it hasn't helped us prolong our hardware refresh.

We would like tenant segmentation available in future releases.

The solution is quite complex. You need to keep your thinking cap on and know what you are doing: Go to the training and listen to the solution architects when they come in because they have a lot of knowledge. There is a concern and some confusion around who owns NSX in the end, whether it's the network team or the VMware team. There is not much confusion about this anymore, but there was at the start. Would it be owned by the network team, who might never even have seen VMware before, but would understand firewall rules? Or would it be owned by your average VMware person? As far as someone else putting it in, make sure you know who is going to own it, and they have the staff and the capabilities to cover it.

We would to have a reverse proxy. This would add great value to the solution. We would also like better integration with the standards on the market. For example, with OSPF, their integration in NSX is very low. It's not a full OSPF integration. It is too thin from a protocol perspective. The product need to be improved. It is too complex.

I would like to see extended performance charts in other versions of NSX. For example, CPU usage, memory usage, and bandwidth usage on NSX. I would rate this product an eight because it's a good product but it needs more work. They should fix some of the bugs.

The next release of NSX should try to make Kubernetes and container integration a little easier than it is now. It's quite a complicated process. I would rate this solution an eight because it doesn't have Kubernetes integrations yet, and it isn't multi-federated. Those are some of the things that need to be added to the product.

If you start with a new or greenfield environment, it is okay to implement. However, if there are other solutions already in place, it can be difficult to implement.

I would like to have automating reporting built into common service management platforms, such as JIRA, Serviceaide, and ServiceNow.

I would like them to make integration with other vendors easier.

I would like to see some more add-ons on the security features.

We would like them to improve the deployment time. The management console also needs a bit of improvement.

It should be more adapted to the physical side of network topology in order to prevent unavailability.