I’ve been rolling out quite a few vRealize Network Insight deployments (labs, Proof-of-Concepts) and while the installation of NI is a cake walk (see automated installer here), add the data sources can be time consuming if you have a bunch of switches and/or other data sources which need to be imported.
The good people of vRealize Network Insight made the OVAs of Network Insight 3.2 Import-vApp safe, which means you can now install it with PowerCLI!
Network Insight consists of two VMs; the Platform VM and the Proxy VM. The setup process looks like this:
- Deploy Network Insight Platform OVA to vSphere
- Browse to the Platform UI and:
- Active your license,
- Generate a Shared Secret for use in the Proxy VM deployment.
- Deploy Network Insight Proxy OVA to vSphere
- Login to the Platform UI and start adding data sources and consume all the goodness that is Network Insight!
Having to deploy … Read more
IPv6 is here and IPv4 is definitely running out of time. Here in the Netherlands, the consumer internet providers have been “working on it” for years. I’ve been lobbying for IPv6 connectivity for years, without much luck. After a time of experimenting with IPv6-over-IPv4 tunnels and Teredo, I basically gave up on those technologies due to various reasons; high latency, complexity & subnet reputation (a lot of shady stuff was going on those free IPv6 subnets).
Recently, I finalized my IPv6 implementation in my hosted environment (couple of websites, other apps/databases), which also contains a NSX testlab. Considering … Read more
Amazon Web Services has a few ways of giving you connectivity: internet, Direct Connect (a physical line) and VPN. While AWS has a ton of examples for firewall/VPN vendors, there is none for connecting with NSX. I needed to connect a NSX network with AWS for a proof of concept and had to figure out how to configure AWS and what settings to use on the NSX Edge VPN. Behold, the fruits of my labor!
This is what we are going to be building in this post. Compute resources inside AWS connected with a VPN towards VMware NSX for corporate … Read more
vRealize Network Insight (vRNI) is most famous for its ability to help you with getting insight into your virtual traffic flows. Using that information you have all you need to configure micro-segmentation. vRNI is much more than that though and this post is the first of a series going into depth of some of the awesome capabilities of vRNI.
All Your Firewall Rules Belong to vRNI
One thing vRNI does, is inventory all the network configuration of the data sources (devices such as switches, routers, firewalls) you add to it. Among those data sources, NSX and Palo Alto Network devices … Read more
Just before all the buzz started from VMworld (such as the vSphere 6.5 release), the VMware fling team dropped a huge release. The first version of PowerCLI for OS X and Linux is available!
PowerCLI – Current State
While this is a fling, a lot of work has gone into making the proper cmdlets available for your everyday vSphere management duties. But there’s still a lot of work to be done. The comparison table between the PowerCLI version for Windows and the fling that has just been released is below:
This is the beginning of an awesome cross-platform experience for … Read more
VMware NSX provides a (heavily underestimated) SpoofGuard functionality, which prevents virtual machines to use IP addresses that are not approved by the network engineers. It guards for, guess what, IP spoofs. Virtual machines will not be able to change their IP addresses without administrative approval, which prevents issues with unauthorized changes or duplicate IPs.
SpoofGuard in NSX
SpoofGuard can operate in 3 modes:
– Approve everything (the default);
– Automatically approve first detected IP, manual approve changes;
– Manually approve all first detected IPs and changes.
While having control of the IP address changes in the virtual network is pretty … Read more