vmware vrealize network insight 3.5 - whats new

14
© 2015 VMware Inc. All rights reserved. vRealize Network Insight 3.5 What’s New

Upload: vmware

Post on 28-Jan-2018

3.375 views

Category:

Software


0 download

TRANSCRIPT

Page 1: VMware vRealize Network Insight 3.5 - Whats New

© 2015 VMware Inc. All rights reserved.

vRealize Network Insight 3.5 What’s New

Page 2: VMware vRealize Network Insight 3.5 - Whats New

VMware Delivers: Intelligent Operations for Software-Defined Datacenter

2

1 vRealize Suite components2 Included with vRealize Suite and ships with NSX

vRealize Operations1

Compute Storage

Hybrid Cloud

Network

& Security

vRealize

Network

Insight

vRealize Log Insight2

Physical/ Virtual/ Cloud Environment

Application

vRealize Business for Cloud1

vRealize Network Insight Delivers Intelligent Operations for Software-Defined Networking and Security across

virtual, physical and multi-cloud environments

Page 3: VMware vRealize Network Insight 3.5 - Whats New

Customer Momentum

F500/G2000 Customers in Retail, Pharma, Airline, Security, Government, Financial, Healthcare, Education

PANW Ignite Conference 2016 Panel

Session:

CA-DWR, USAA & Columbia Sports

Case Study - NSX, PANW & vRNI

Case Study: CA Dept. of Water Rolls Out

Secure Cloud Using vRNI

3

“Arkin (vRNI) real-time flow analytics makes it extremely easy to implement micro-

segmentation security. The visibility and troubleshooting capabilities that Arkin (vRNI)

provides to our networking and operations teams enables us to more quickly and

confidently scale our NSX deployment.”

Brian Lancaster, Executive Director of Information Management

“I cannot say enough good things about #vRNI if you want visibility into your #NSX

overlay/firewall and physical network. @vmwarensx”

Daniel Hertzberg, Enterprise Engineer

“I love the visibility into configuration/env changes that

vRNI provides me. So glad to finally get this product

into production.”

Justin Bias, Cloud Technologies Specialist

“Most community colleges are challenged to provide stronger information security on a limited

budget and with a small IT team. The combination of VMware NSX and vRealize Network

Insight works very well for us. It makes our environment more secure, and it’s saving us time

every week. I look forward to the new NSX Edge Health Dashboard and third-party device

integrations in vRealize Network Insight 3.5 to help drastically reduce the amount of effort and

time required to plan, deploy and scale SDDC networking and security infrastructure.”Brandon Lovelace, Santa Barbara City College

Page 4: VMware vRealize Network Insight 3.5 - Whats New

4

vRealize Network Insight 3.5Intelligent Operations for Network and Security Across Virtual, Physical and Multiple Clouds

VMware vRealize Network Insight delivers intelligent operations for software-defined networking and security. It helps

customers build an optimized, highly-available and secure network infrastructure across multi-cloud environments. It

accelerates micro-segmentation planning and deployment, enables visibility across virtual and physical networks and

provides operational views to manage and scale VMware NSX deployments.

Micro segmentation Planning,

Deployment and Compliance

• Plan and measure security impact

with micro segmentation

• Accelerate micro-segmentation

deployment with firewall rules

recommendations.

• Continuously monitor and audit

compliance postures over time.

360 Network Visibility and Troubleshooting

• Quickly troubleshoot connectivity issues

between VMs through powerful path

visualization

• Unify troubleshooting experience across the

virtual and physical infrastructure

• Rapidly identify issues through efficient event

and alert management

Manage and Scale NSX Deployments

• Scale across multiple NSX Managers

with powerful visualizations for

topology and health

• Avoid configuration issues through an

in-product best practices checklist

• Pinpoint and triage issues for quick

resolution with intuitive UI and search

Secure Public Cloud Infrastructure

• Extend micro-segmentation planning to

AWS security groups

• Analyze traffic flows in AWS and get visibility

into AWS Virtual Private Cloud (VPC)

• Troubleshoot firewall issues between VMs in

AWS

Page 5: VMware vRealize Network Insight 3.5 - Whats New

vRealize Network Insight 3.5 – New CapabilitiesIntelligent Operations for SDDC Network and Security Across Virtual, Physical and Hybrid Clouds

CONFIDENTIAL

Manage & Scale NSX Deployments• See flows blocked by the NSX firewall with NSX IPFIX Integration

• NSX Edge Health Dashboard provides enhanced visibility with a Layer 3 topology view

• Assess PCI compliance for the NSX-V environment with a new PCI Compliance Dashboard

Troubleshoot across the virtual & physical infrastructure• Comprehensive visibility with added support for new third party

devices:

• Checkpoint firewall

• Brocade MLX

• HP OneView

• VM to VM path now supports ECMP

Enterprise-grade SDDC Networking and Security Platform• Keep all data intact by migrating data sources between proxies for fast recovery

• Enforce platform resource usage limits to contain footprint

• Supports multiple license types

Page 6: VMware vRealize Network Insight 3.5 - Whats New

PCI Compliance Dashboard

• Helps assess the PCI compliance for the NSX-V environment

• Provides analysis of data for specific PCI sections

• New search keyword PCI compliance of introduced

• Available only in vRNIenterprise license or NIaaS

CONFIDENTIAL 6

Open from

Security Menu

Also choose scope

using search

Choose the

assessment scope

PCI sections

used for analysis

Page 7: VMware vRealize Network Insight 3.5 - Whats New

NSX Edge Dashboard• Updated dashboard covering Edge technologies

• Better visibility with new layer 3 topology view

• New widgets added showing information such as key properties of including NAT rules, Networks, Default gateway and downstream routers

• New information added on Edge device and router dashboards as well

CONFIDENTIAL 7

New widget

organization

New Topology and

properties widgets

New Topology and

properties widgets

Page 8: VMware vRealize Network Insight 3.5 - Whats New

Support for NSX IPFIX

• Rule ID and Action ingested

– Enabled within NSX Manager data source configuration

– Requires Security Admin and Enterprise Admin roles

• Deduplication of flow information between VDS and NSX IPFIX

• Deny action depicted by dropped flows visualization

• NSX IPFIX records are generated via NSX DFW and send from each ESXi host

• Protected - associated rule found OR associated rule is not any-any-allow

• Unprotected - flows where an associated rule is found AND that rule is any-any-allow

CONFIDENTIAL 8

View dropped,

protected, and

unprotected flows

Select a wedge and

view flow actions

Page 9: VMware vRealize Network Insight 3.5 - Whats New

ECMP Support in VM-VM Path

• New layout for Path dashboard

• ECMP Edges in VM to VM path are supported

• Ability to visualize all potential paths taken in case of ECMP routing

CONFIDENTIAL 9

Page 10: VMware vRealize Network Insight 3.5 - Whats New

Third Party Devices: Check Point

• Support for Checkpoint vSEC Management Server (version R80)

• Hosts, gateways, network, address range, access rules are supported

• Applicable Check Point rules are shown in the VM-VM path

CONFIDENTIAL 10

Add devices within

Accounts and Data

Sources

Select to view

applicable firewalls

Extensive Check

Point entity support

within search

Page 11: VMware vRealize Network Insight 3.5 - Whats New

Third Party Devices: Brocade MLX

• Support at par with Brocade VDX

• Supported L2/L3 entities, switch port, VRF, router interface, route

CONFIDENTIAL 11

Page 12: VMware vRealize Network Insight 3.5 - Whats New

Third Party Devices: HP OneView

• Entities supported enclosures, blades, physical interconnects and are searchable

• Only ethernet type physical interconnects supported

• HP OneView (OS v3) is supported

CONFIDENTIAL 12

Page 13: VMware vRealize Network Insight 3.5 - Whats New

vRealize Network Insight 3.5 Editions

Capability vRNI ADV vRNI Enterprise

Previous Single Edition New Edition

Flow Analysis (VDS IPFIX, V-to-V, V-to-P)

NSX Firewall M-Seg Planning & Operations (NSX IPFIX)

NSX Day 2 Ops (Topology view, best practice checklist, NSX Edge Health

dashboard)

VM Paths w/ Physical Switches & Routers

3rd Party Firewall Visibility

AWS VPC, Security Groups, Tags in M-Seg Planning

Visibility and troubleshooting with AWS VPC, EC2, tags, Security Groups

PCI Compliance Dashboard

Configurable and extended retention period for data

Page 14: VMware vRealize Network Insight 3.5 - Whats New

Learn More

Try the Hands-on Lab. Nothing to download!

14

Visit the website for resources and purchasing

information.

https://www.vmware.com/products/vrealize-network-insight.html

http://Labs.hol.vmware.com

Website:

Hands-on Lab:

Available for evaluationas part of VMUG

Advantage.