VMware NSX

  • 1.  NSX installation guidance-Firewall feature only.

    Posted Oct 04, 2017 08:14 AM

    Folks,

    We are in process to get our NSX feature rolled out to the vCentre.

    This includes the firewall feature only.

    We are pretty new to this and would like to get some initial guidance on recommended practice.

    What I understand is when we do not needed a vSwitch and a vRouter the cluster controllers are not needed, correct?

    When we want to roll out a firewall feature only all we need is the NSX manager.

    Regards,

    N!!



  • 2.  RE: NSX installation guidance-Firewall feature only.
    Best Answer

    Broadcom Employee
    Posted Oct 04, 2017 03:25 PM

    For microsegmentation use case we don't need to leverage Controllers/Logical Router/Logical Switches,Edges etc . You can certainly use the feature on vSphere port groups.However Logical switches with DFW is the best combination.



  • 3.  RE: NSX installation guidance-Firewall feature only.

    Posted Oct 07, 2017 07:48 AM

    Hi Neel_Mani,

      Yeah, you don't need any NSX Component accept NSX Manager but make sure you DFW is not Supported on Standard Switch only DVS.

    Regards

    Amol



  • 4.  RE: NSX installation guidance-Firewall feature only.

    Posted Oct 08, 2017 12:44 PM

    The below link says that DFW will work in Standard switch but it is not officially supported by VMware.

    Let me know if this is right.

    NSX & vSphere Standard Switch Compatibility · vrandom



  • 5.  RE: NSX installation guidance-Firewall feature only.

    Posted Oct 08, 2017 12:58 PM

    Also I found the below.

    Its mentioned that the Applied To can be applied to Legacy Port group - VSS port group



  • 6.  RE: NSX installation guidance-Firewall feature only.

    Posted Oct 09, 2017 10:26 AM

    It's better to migrate to vDS. Here is the snapshot from the official slide from VMWorld 2017 for the logical recommendation.