I have query regarding NSX-T Micro Segmenation.
1. Does NSX - T supports Micro Segmenation - I believe yes.
If so what are the hypervisors it supports Micro Segmentation.
2. If it so what is the difference between the Micro Segmentation offers in NSX-v & NSX-T
1. NSX-T does support microsegmentation. Supported platforms in the current release are vSphere, KVM, containers w/Kubernetes, AWS native and Azure native. NSX-T 2.3 will add support for bare metal linux workloads as well.
2. NSX-V is tightly coupled with vSphere and allows you to use vCenter objects in firewall rules, L7, identity firewall as well as service insertion with partners. NSX-T is multi-platform and enables you to have a consistent security policy across multiple platforms.
Sjason,
Do i have to configure all the NSX-t Items like N-VDS, Tier-0 transport zones and so on to be able to use the micro-segmentation with NSX-T?
Thanks,
Overlay is not required, but the workload will need to be connected to a N-VDS. So, after NSX-T is installed (i.e. Mgmt. and Control Plane up, hosts added as Fabric Nodes, etc) you will...
-Create VLAN transport zone
-Add VLAN Transport Zone to the transport nodes
-Create VLAN based Logical Switch
-Move/create VM’s vnic to VLAN based Logical Switch created on N-VDS
-Create grouping and DFW policy on NSX-T
Hi,
I have another question: The controller are mandatory for distributed firewall in NSX-T?
Thanks,
Akram
In NSX-T you need the N-VDS for micro segmentation. Controllers are necessary for that and, in NSX-T 2.4, controllers are merged in the same appliance as the managers, so there is no way to deploy a manager without a controller.