• NSX Application Rule Manager

    Application Rule Manager is a new feature in NSX 6.3 that allows you to quickly microsegment out application workloads with the distributed firewall. Through the tool you can quickly create both Security Groups and DFW rules after viewing the live flow analysis.   To get started, navigate to the Flow Monitoring section in the web client, and then click on the Application Rule Manager tab.     Click on Start New Session. Provide a Session Name, and then select the Virtual Machines (and their vNICs) that you would like to monitor for flows. You can select up to 30 vNICs […]

    Read more »
  • Endpoint Monitoring in NSX 6.3

      As of NSX 6.3, Activity monitoring is no long supported and has been deprecated. When navigating to the Activity Monitoring section, the following warning will be displayed.     Activity Monitoring has been replaced by Endpoint monitoring which is a lot more powerful and allows you to map specific processes inside the guest OS to the network connections the processes are using. This allows you to be able to operationalize NSX much faster!   There are a few prerequisites before you can use Endpoint monitoring: Install Guest Introspection and ensure VMware tools is running and up to date. Note: […]

    Read more »
  • vRealize Network Insight introduction and Installation

      Quick Intro to vRNI   In June of 2016 VMware acquired a company called Arkin Net and named the product vRealize Network Insight. It didn’t take long for a nickname to emerge from the acronym in the form of “vernie.” This nickname has got some great rebranding from customers and employees ranging from “Weekend at vernies” to the picture below.     There are a couple of version of vRNI, an assessment which can be performed by your local SE or partner reseller and a full version which is an add on to NSX licensing. You can also play […]

    Read more »
  • Upgrading NSX 6.2.2 to NSX 6.3 – Part 3

      This is the third and final part of the upgrade series. If you haven’t completed the first two parts, please refer to the following links.   Part 1 – Upgrading NSX Manager Part 2 – Upgrading Controllers and Host Clusters   The final few steps that need to be completed during the upgrade are below.   Change VXLAN port (Optional) Upgrade NSX Edges and DLRs Upgrade Guest Introspection Check with Partner Vender if using third party service insertion Complete Post-Upgrade Checklist   Let’s start with changing the VXLAN port. This is an optional step that doesn’t have to be […]

    Read more »
  • Upgrading NSX 6.2.2 to NSX 6.3 – Part 2

      After completing the upgrade of the NSX Manager, you will need to upgrade the NSX Controller Cluster and Host Clusters. As mentioned previously, I would recommend all steps be completed during a maintenance window.   To upgrade the controller cluster, log into the vSphere Client and navigate to Installation -> Management. You will see my cluster has an “Upgrade Available” link on the right hand side of the pane, and the Upgrade Status says “Not Started”     When you are ready to upgrade, click on the link, and select Yes.     Before you start the upgrade, there […]

    Read more »
  • Upgrading NSX 6.2.2 to NSX 6.3 – Part 1

      With the recent release of vSphere 6.5, I needed to upgrade my lab environment and figured I would write a post to help others who may need step by step guidance on the upgrade process. I am currently running NSX 6.2.2 with vCenter Server 6.0 and will be upgrading to NSX 6.3 with vSphere 6.5. Since NSX 6.3 is the only release that currently supports vCenter Server 6.5, I will need to ensure that I upgrade NSX to 6.3 before vSphere, otherwise I will be in an unsupported state (Can’t run NSX 6.2.2 on vSphere 6.5). If there are […]

    Read more »
  • Using vRealize Log Insight to manage and review NSX Distributed Firewall rules

      The Distributed Firewall dashboards are definitely my favorite feature of vRLI. You can see the total number of firewall actions triggered, the top rule that is hit, audit events, top sources, top destinations, ports allowed or denied, and more. With all of this data, it’s possible to use vRLI to start creating your DFW rules because you will be able to see what VMs are communicating over specific ports. Near the end of this post, I will write a brief tutorial on how you can use the filter logic to determine DFW rules that need to be put in […]

    Read more »
  • Using vRealize Log Insight to Manage and Troubleshoot NSX

      I recently wrote a post on how to Deploy vRealize Log Insight with the NSX Content Pack. The post outlined the initial installation, redirection of NSX component logging to vRLI and and the installation of the NSX Content Pack.In this post, I wanted to show all of the cool features of the content pack, how to use it for day to day operations, and how to use it to troubleshoot NSX. Let’s start out with creating and managing dashboards.   Creating and Managing Dashboards Custom Dashboard   To create a custom dashboard, navigate to Interactive Analytics at the top. […]

    Read more »
  • Deploying vRealize Log Insight with NSX Content Pack

      For every NSX license you purchase, you also get an OSI license for vRealize Log Insight! With that said, I wanted to show everyone how to deploy vRLI and redirect your logs for NSX managers, edges, controllers and ESXi to vRLI. I will also show the configuration of the NSX content pack. If you haven’t heard of a content pack for vRLI, it is essentially a plugin that has pre-defined information about specific products using log analytics. The plugins are not limited to VMware products, you can define these plugins for Arista, HP, Cisco, Dell, Microsoft, Openstack, and much […]

    Read more »
  • NSX Home Lab Hardware Setup

    Hi Everyone, I know it has been a long time since I have posted (has it really been 6 months?!). I promise will do my best to post on a more regular basis, especially since I have good hardware to play around with now. A little update before we get started: I am loving my new role as a Systems Engineer for NSX at VMware and couldn’t be happier where I am at. Over the last 6 months I have had to transition from a deeply technical, daily grind position in tech support, to a more customer focused, business solution […]

    Read more »

Back to Top