VMware is continuing to expand the features in its NSX network virtualization software platform, as the business continues to grow.
VMware announced its new NSX-T Data Center 2.4 update on Feb. 27. A day later on Feb. 28, the company reported its fiscal 2019 results, revealing that the NSX virtual networking product line generated over $500 million in revenue during the fourth quarter and $1.3 billion for the year overall. The core technology behind NSX was originally obtained by VMware via the acquisition of Nicira for $1.2 billion in July 2012.
With the new NSX-T 2.4 update, VMware is looking to push further into the networking space, providing automation features that make it easier for organizations to manage virtualized networking deployments across on-premises and multi-cloud environments.
“I think we have a really unique opportunity with NSX and that is to help customers realize this desire to create the true Self Service Cloud,” said Tom Gillis, SVP and General Manager at VMware.
Gillis said that if you look at the underpinnings of Amazon, Google and Microsoft’s cloud data centers, there is a new architecture around how to build a modern cloud scale network. It’s a leaf-spine architecture that is simplifying the task of the physical infrastructure and putting the complexities of policy enforcement into software.
Among the new features in NSX-T 2.4 are enhanced APIs to handle automation for policy and other network functions. It’s an approach VMware refers to as delivering the “network as code”, which is a programmatic API driven approach to instrument and manage network policy and operations.
NXT-T 2.4 also benefits from a user interface update to improve easy of use for operations. Additionally, NSX-T 2.4 introduces new analytics and visualization capabilities with the enhanced dashboard and UI, as well as support for Splunk and VMware vRealize Log Insight. Among the key use-case where the improved interface will help is for policy enforcement across hybrid and multi-cloud deployments.
“NSX is very unique in its ability to stitch together hybrid clouds and to do policy enforcement in a traditional vSphere environment or now in a bare metal environment, KVM or a cloud provider,” he said.
The Benefits of a Flat NSX Network
Spreading a network across different physical boundaries has often been a management challenge as different layer 2 domains are not easily bridged. Gillis said that NSX effectively flatted out networks now beyond the physical boundaries to keep the networking topology simple, with all policy enforcement done in software.
Beyond just being easier to manage, having a flat NSX network also enables organizations to find any un-used or stranded network capacity. Gillis said that VMware has a tool that allows customers to look for pockets of stranded capacity, which has been highly effective.
“Using a traditional networking approach with hard VLAN boundaries and firewalls between development and production environment, we look at the utilization,” he explained. “But what happens if your development environment has excess capacity that you could be using for peak moments in your in your production environment? You can’t move capacity easily across those old boundaries, but when you put in a NSX in place, you now can unlock that capacity.”
Intent-Based Networking vs NSX
There has been a lot of hype and vendor announcements in the past year about Intent-Based Networking, largely driven by Cisco, as a new approach to help automated networking.
Gillis said that in his view NSX is already and has long been, an intent-based networking technology. He said that intent-based networking is about being able to specify a policy that can be automatically pushed to switches and routers.
Some vendors like Cisco include machine learning and analytics in their intent-based networking stack, but that’s not something that Gillis sees as being needed for networking in NSX.
“What policy are we talking about that requires machine learning and analytics? Policy is usually really simple, like, some definition of this can talk to this, but not for that,” Gillis said. “Policy allows the IT team to put in what we call guard rails for the self service world.”
For example, he said that the guard rails would be a policy that would state that no matter what a developer does, that a development environment never touches the internet and that a production environment never touches the internet. In his view there is no need for machine learning for that.
The big opportunity for machine learning and analytics in Gillis’ view is around security, which is another domain that VMware is actively investing in. Looking forward for NSX, VMware’s focus is on continuing to flatten boundaries across what has been very rigid networking barriers.
“We’re really focusing on hybrid cloud integration, so making outpost Amazon’s outposts fit seamlessly into a network that’s a big deal for us and continuing to blur the lines between public cloud or private cloud,” he said.
Sean Michael Kerner is a senior editor at EnterpriseNetworkingPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.