Movatterモバイル変換

[0]ホーム
URL:

Skip to content
DEV Community
Log in Create account

DEV Community

Nick Schmidt
Nick Schmidt

Posted on • Originally published atblog.engyak.net on

     

NSX-T Datacenter 2.5 Released!

As of 19 September 2019, NSX-T 2.5 has been officially released and is available for download!

It's been a bit since the announcement, so let's cover some of the new capabilities of interest with NSX-T 2.5. This is a summary of what I found interesting, the complete release notes arehere

NSX Intelligence

VMWare will be introducing a newpaid service to analyze traffic handled by distributed firewalling, to allow infrastructure administrators to map out service applications, ports, and policies to better secure their east-west network environment. It will also provide the capability that NSX-V has natively,Application Rule Manager.

Testing and Troubleshooting

VMWare added a ton of good stuff here, some of which seems a little late...

Layer 2 MTU/VLAN Checking

This one has been a big pain point for NSX administrators everywhere, especially if they don't also control the route-switch infrastructure. Prior to this, NSX-T had tunnel status (which would alarm if no VMs in a port group were on a host, causing a LOT of noise) and NSX-V hadnothing.

Layer 3

We get BGP routing information from the API and GUI for the first time!

New Capabilities

IPv6

We pick up SLAAC, Router advertisements allowing for automatic IP configuration. Ideally, this would not be something we really need - but I'm sure there's a use case somewhere.

Firewalling and Security

  • NSX-T now supports configuration management as well, with config drafts!
  • NSX Cloud is beginning to support native constructs in public cloud for security enforcement. This is a pretty big deal for hybrid cloud shops that won't have to use an agent to enforce consistent multi-cloud security!
  • VMWare has introduced Layer 7 (App-ID) support for gateways and is beginning to introduce FQDN filtering as a precursor to URL filtering.
  • VMWare has also added Identity-based firewalling.
  • Elliptic Curve Cryptography over IPSEC is now available
  • Preset compliance suites for VPNs are also available

Other

  • Load Balancing GUI Improvements - We'll see the simplified GUI in a bit.
  • SNMPv3 Polling is supported on all appliances
  • The NSX-V to NSX-T migration tool has unlisted improvements
  • NSX Manager to Edge communication is changing ports - from 1234 to 5671. This could potentially break connectivity during an upgrade. Port 1235 does still need to be open.

Next, let's try it out!

Top comments(0)

Subscribe
pic
Create template

Templates let you quickly answer FAQs or store snippets for re-use.

Dismiss

Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment'spermalink.

For further actions, you may consider blocking this person and/orreporting abuse

I am a network engineer based out of Alaska, pursuing various methods of achieving SRE/NRE
  • Location
    Alaska
  • Work
    Solutions Architect, Cloud Platform Infrastructure
  • Joined

More fromNick Schmidt

DEV Community

We're a place where coders share, stay up-to-date and grow their careers.

Log in Create account
[8]ページ先頭
©2009-2025 Movatter.jp