VMware NSX – Networking & Security

VMware HCX – Network Extension between sites

19 May 202519 May 2025 by Farhan Patel, posted in Software Defined Networking, VMware HCX, VMware NSX

Network extension use-case of VMware HCX allows us to extend networks from one site to another thereby allowing VMs to be migrated to target site by retaining the same IP addressing and avoiding any change of IP addressing for the workloads being migrated. In my previous post about VMware HCX titled 'VMware HCX use cases … Continue reading VMware HCX – Network Extension between sites

Multi-tenancy in VMware NSX

4 Jan 20255 Jan 2025 by Farhan Patel, posted in Multi-tenancy, Network Security, nsx-t, Security, Software Defined Networking, Software Defined Networking, VMware NSX

The why? VMware NSX provides you the ability to configure multiple tenants using a single NSX Manager instance. This essentially removes the requirement to deploy multiple NSX managers in order to achieve isolation for different customers or different environments. This multi-tenancy will help in situations where there are multiple customers requiring networking and security resources … Continue reading Multi-tenancy in VMware NSX

Securing virtual machines using NSX Distributed Firewall and migrating traditional networks to NSX overlay networking

28 Feb 2024 by Farhan Patel, posted in Network Security, Software Defined Networking, VMware NSX

Why VMware NSX? VMware NSX is L2 to L7 network virtualization and advanced security platform. NSX overlay networks which are backed by Geneve overlay protocol provide software defined networking capabilities. Overlay networking allows cloud scale networking whereby multiple overlay networks (NSX overlay segments backed by NSX overlay transport zone) related to multiple tenants can be … Continue reading Securing virtual machines using NSX Distributed Firewall and migrating traditional networks to NSX overlay networking

NSX-T VRF Gateway use-case and Traffic Flows

16 Jan 202416 Jan 2024 by Farhan Patel, posted in Network Design, Routing, Software Defined Networking, VMware NSX

Similar to routers with VRF lite feature, NSX Tier 0 Gateway supports VRF gateway feature which allows multiple VRF gateways to exist under the parent Tier 0 Gateway. Based on the VMware configmax portal, NSX version 4.1.2 supports up to 100 VRF gateways per edge node. VRF gateways in NSX save CPU, memory and storage … Continue reading NSX-T VRF Gateway use-case and Traffic Flows

NSX-T Multi Site and NSX Advanced Load Balancer in No Orchestrator Mode

25 Sep 202327 Sep 2023 by Farhan Patel, posted in load balancer, nsx-t, Software Defined Networking, VMware NSX

Brief introduction about NSX-T Multi Site: Provides overlay networking which spans multiple locations. Consistent security using NSX Distributed Firewall in cases where the VM moves to another location. There is no Distributed Firewall configuration that needs to be updated in NSX when VM moves to other location. NSX use cases like logical switching, logical routing, … Continue reading NSX-T Multi Site and NSX Advanced Load Balancer in No Orchestrator Mode

VMware NSX for Identity Firewall Use Case

13 Sep 202313 Sep 2023 by Farhan Patel, posted in Network Security, Security, VMware NSX

Identity firewall Identity firewall IDFW enables one to configure distributed firewall rules based on Active Directory user group. Identity firewall can be utilized for virtual desktops, remote desktop sessions RDSH and also for physical machines. VMware NSX will control access to the target/destination servers based on the user logged in to the source VM. In … Continue reading VMware NSX for Identity Firewall Use Case

VMware NSX Distributed Firewall

22 Jun 202322 Jun 2023 by Farhan Patel, posted in Network Security, nsx-t, Security, VMware NSX

Technical References: NSX-T Reference Design Guide VMware NSX-T Administration Guide VMware NSX Distributed Firewall is software defined Layer 7 stateful firewall which provides protection at vnic level of a virtual machine. Layer 7 Application ID, FQDN filtering, identity based fire-walling are important capabilities of NSX Distributed Firewall. A very popular use case of NSX Distributed … Continue reading VMware NSX Distributed Firewall

NSX Advanced Load Balancer – Multiple NSX-T Clouds under NSX ALB

18 Mar 202321 Mar 2023 by Farhan Patel, posted in VMware NSX

NSX Advanced Load Balancer Architecture ALB NSX Advanced Load Balancer ALB provides L4+L7 load balancing services and is built on software-defined principles where easy scale out is provided. This approach removes the complexity of managing multiple physical appliances, gets rid of scale out issues when throughput requirements increase. NSX ALB consists of two main components: … Continue reading NSX Advanced Load Balancer – Multiple NSX-T Clouds under NSX ALB

Multiple VDS’ on host for Overlay on compute hosts

18 Feb 202319 Feb 2023 by Farhan Patel, posted in nsx-t, Routing

Multiple VDS' for Overlay on compute hosts This use case is also referenced in NSX-T Reference Design Guide which mentions that starting with NSX 3.1, a host can have virtual switches part of different overlay transport zones and the TEPs on each virtual switch can be on different VLAN/IP subnets (still, all the TEPs … Continue reading Multiple VDS’ on host for Overlay on compute hosts

NSX Advanced Load Balancer: NSX-T VLAN Cloud

16 May 202216 May 2022 by Farhan Patel, posted in VMware NSX

NSX Advanced Load Balancer ALB Architecture: Controller: NSX ALB control plane comprises of three controller nodes. The controller is used for management purpose. Controller places virtual service on the data plane component referred to as service engine. Controller nodes communicate with each other and with service engines. Clients access virtual service over required port as … Continue reading NSX Advanced Load Balancer: NSX-T VLAN Cloud