Tag: vRNI

Securing Platform Communication in a vRealize Network Insight Cluster

Hi there! It’s been a while. How are you doing? In the last release of vRealize Network Insight, version 6.3, there’s a new feature called Secure Cluster Communication. By default, the communication between Platform and Collectors is encrypted via TLS. A Platform cluster has a few data replication services (FoundationDB, Kafka, …) running between its nodes, and not all of them are encrypted by default. The Secure Cluster Communication feature allows you to set up VPN tunnels between the Platform nodes and encrypt all traffic going between them.

It’s not recommended to split Platform nodes between different locations. But, if you do … Read more

Bulk Creating AWS VPC Flow Logs

vRealize Network Insight provides traffic visibility in AWS by ingesting the VPC Flow Logs. It correlates the flows to EC2 instances and adds more context, like the security groups, tags, and more. 

VPC Flow Logs are not enabled by default and need to be configured before vRNI can start ingesting the logs. That’s where this post comes in. The AWS lab that I use at VMware for demos is for the entire CMBU and has a bunch of smart people doing cool things. In other words, a ton of VPCs get created and deleted, EC2 instances deployed dynamically. I wanted … Read more

Archiving Network Flows from vRealize Network Insight to Log Insight

vRealize Network Insight (vRNI) captures all traffic going through the network. It stores the traffic in flow records, which are made up of a source, destination, protocol, and port number. The metrics are attached so you can get a nice graph of the traffic behavior.

vRNI Flows and context

After creating the flow, vRNI goes on and attaches a lot of context to that flow: Is it coming from a VM? Is there a firewall rule attached? Which vCenter is this flow going through? What kind of SD-WAN Policies are attached? If any of this context changes (i.e., a VM got renamed), … Read more

IP Address Management with vRealize Network Insight

vRealize Network Insight knows all and sees all that’s happening within a network. Due to the search engine and the ability to pull out any data on the infrastructure, new use cases pop up now and then. Lately, I’ve been approached by a few organizations that are using Network Insight as an IP Address Management (IPAM) system, or to complete their existing IPAM system and compare and contrast it to the live infrastructure.

Here are a few examples: checking which IP addresses are free in a particular IP range. Comparing the IPAM registrations to the IP addresses that are … Read more

vRealize Network Insight 4.0 – Smaller Gems

Network Insight 4.0 was released today and it’s undeniably the biggest release they’ve ever done. It’s packed with some huge features and a lot of small goodness.

While Karl has done an excellent job of describing the top features in this blog post, I’ll go through the somewhat smaller features which will make your life better. But first, here’s a quick recap of the major features:

  • Cisco ACI support to gain insight into the underlying topology
  • Standardized BGP-EVPN support as an underlay
  • F5 BIG-IP router support
  • Cisco ASA support
  • sFlow support for incoming network flows

Walkthroughs or “Self Service”

Read more

Integrating ServiceNow with Network Insight

In a previous post, Integrating vRealize Automation with Network Insight, I covered how greenfield applications can be automatically pushed into vRealize Network Insight to provide application context with the analytics of Network Insight. This post is about importing brownfield applications into Network Insight to get insights into the behavior of your existing applications. Specifically, importing CMDB information from ServiceNow.

Disclaimer: This is something I built, it is not officially supported by VMware.

CMDB

In the case of existing applications, your Configuration Management Database (CMDB) should be your source of truth. There are a lot of CMDB products out there, … Read more

Using PowervRNI to connect to Network Insight SaaS

VMware is pretty heavily invested in the cloud. Not only in managing your cloud environments, but also in delivering products as Software-as-a-Service offerings, next to the regular on-premises offerings. At the time of this post, there are 19 VMware products that you can purchase via the SaaS model. These range from models like VMware Cloud on AWS, where you get Infrastructure-as-a-Service, to Network Insight, where you get the product hosted in the cloud.

Network Insight SaaS

So there’s a SaaS version of Network Insight. Effectively, this means that the Platform (the user-interface and data repository) is hosted in the … Read more

© 2024 Lostdomain
