We received the following information from a customer.
Deep packet inspection (DPI) from Trend Micro needs to work with => vSphere 6.5 VMware in the future vShield Endpoint. With older versions of vSphere DPI works without this.
What does this mean for the customer?
Customer must use NSX in order to have DPI from Trend Micro?!
Can anyone please clarify this?
I'm not really clear on the ask. But please refer to the VMware Knowledge Base. With vCNS being EOA, NSX is the way to move forward, and to be precise, VMware NSX for vSphere provides NSX Guest Introspection, which provides all features of vShield Endpoint. Let me know if you need any additional inputs.
Hi, I know the question from me was not really clear ;-)
I mean a customer currently has vSphere 5.5 with Trend Micro deep packet inspection running. AFAIK DPI connects to the vDS to get/check the data.
With the upcoming release (6.5 or maybe 6.0) the interface for DPI to connect to the vDS isn't available (removed or closed by VMware). As I understand it, if the customer would like to use DPI they must upgrade to an "NSX Lite" version.
Currently I didn't find detailed information from VMware or Trend Micro except this:
But from a customer perspective it isn't clear. What if the customer doesn't want to buy NSX?!
It depends on the Trend Micro DPI features that you would like to use.
For example, as per this link: VMware NSX 6.2.3 and NSX 6.2.4 Compatibility - Deep Security
"VMware NSX 6.2.3 and NSX 6.2.4 have added a new type of license called NSX for vShield Endpoint.
This license allows integration with Deep Security for the purpose of performing hypervisor-based Anti-Malware and Integrity Monitoring only."
If you have vSphere Essential Plus or a later edition, you should be able to download NSX for vShield Endpoint:
"With the release of NSX 6.2.4, if you purchased vSphere with vShield Endpoint (Essential Plus and later), you can download NSX.
This means that NSX will appear on the vSphere download site, similar to vCNS."
So if you want to use Trend Micro network security capabilities such as firewalling and IPS, then you would need NSX Advanced or NSX Enterprise licenses.
But if you just want to use Anti-Malware and/or Integrity Monitoring only, you just need to have vSphere Essential Plus or a later edition, and you should be able to download NSX for vShield Endpoint.
Upon deploying NSX, it will automatically be assigned the vShield Endpoint license; here's a screenshot after NSX is deployed and registered to the vCenter server:
See also this link: Add and Assign an NSX for vSphere License
Starting in NSX 6.2.3, the default license upon install will be NSX for vShield Endpoint.
This license enables use of NSX for deploying and managing vShield Endpoint for anti-virus offload capability only, and has hard enforcement to restrict usage of VXLAN, firewall, and Edge services, by blocking host preparation and creation of NSX Edges.
If you need other NSX features, including logical switches, logical routers, Distributed Firewall, or NSX Edge, you must either purchase an NSX license to use these features, or request an evaluation license for short-term evaluation of the features.