NSX Easy Adoption Design Guide - NSX version 3.2

NSX Easy Adoption Design Guide - NSX version 3.2

VMware NSX Data Center is a full-stack Software-Defined Networking and Security platform from VMware. The full-stack solution (L2/L3 to L4-L7 services ) is flexible and scalable from a minimum footprint of two hosts to the cloud-scale need of large enterprises. This document aims to build a simplified consumption model based on two prescriptive use cases suitable for small footprint, single rack, and satellite data centers.
The two use cases offered in this design guide are:

  • A simplified security solution designed for existing workloads where the physical network retains many networking functionalities.
  • A full-stack design that primarily targets new deployments minimizing interaction with the external network while providing extensive flexibility and Network and Security services inside the solution.

The solutions presented focus on the following goals and parameters:

  • Physical network-friendly configuration – minimum configuration
  • Leverage existing knowledge base from vSphere and Security Admin
  • Exploit the features and capabilities from NSX-T to build a flexible yet consolidated solution for a variety of application needs, services (NAT, VPN, FW), and security
  • Scope of deployment meeting most common footprint for small workload, satellite DC, and hosted solutions
  • Self-contained guidance and step-by-step design rational

This document incorporates two main sections. Each of them addresses the two use cases at a different level.

Section 2 covers a high-level overview of the two solutions, together with their value proposition in the context of well-defined requirements and constraints. We also include a brief overview of the relevant NSX-T components.

Section 3 provides a detailed design and engineering specification for both use cases. It includes a comprehensive list of assumptions on the supporting infrastructure. Design decisions have accompanying justifications and implications for making the designs actionable and the rationale behind the choices clear and transparent.

An example of end-to-end automation for the DC in a Box use case is available here. Please use the branch specific to your version.

This version (3.2) of the design guide includes the following updates:

  • Distributed firewall implementation on vCenter distributed port-groups
  • NSX vCenter server plug-in included as part of the simple security for applications use case
  • NSX Application Platform added as an optional component for both use cases to support NSX Intelligence and Advanced Threat Prevention features
  • Next Generation Gateway Firewall added as an optional component in the DC a box design 
  • NSX Advanced Load Balancer added as an optional component in the DC a box design 

The Easy Adoption guide for NSX-T version 3.1 is available on this community page

Readers are encouraged to send feedback to NSXDesignFeedback_AT_groups_vmware_com (convert to email format).

Labels (1)
Attachments
Version history
Revision #:
1 of 1
Last update:
‎01-16-2023 06:21 PM
Updated by:
 
Contributors