Mastering VMware NSX for vSphere

A clear, comprehensive guide to VMware's latest virtualization solution

Mastering VMware NSX for vSphere is the ultimate guide to VMware's network security virtualization platform. Written by a rock star in the VMware community, this book offers invaluable guidance and crucial reference for every facet of NSX, with clear explanations that go far beyond the public documentation. Coverage includes NSX architecture, controllers, and edges; preparation and deployment; logical switches; VLANS and VXLANS; logical routers; virtualization; edge network services; firewall security; and much more to help you take full advantage of the platform's many features.

More and more organizations are recognizing both the need for stronger network security and the powerful solution that is NSX; usage has doubled in the past year alone, and that trend is projected to grow--and these organizations need qualified professionals who know how to work effectively with the NSX platform. This book covers everything you need to know to exploit the platform's full functionality so you can:

• Step up security at the application level

• Automate security and networking services

• Streamline infrastructure for better continuity

• Improve compliance by isolating systems that handle sensitive data

VMware's NSX provides advanced security tools at a lower cost than traditional networking. As server virtualization has already become a de facto standard in many circles, network virtualization will follow quickly--and NSX positions VMware in the lead the way vSphere won the servers. NSX allows you to boost security at a granular level, streamline compliance, and build a more robust defense against the sort of problems that make headlines. Mastering VMware NSX for vSphere helps you get up to speed quickly and put this powerful platform to work for your organization.

Auteur

Elver Sena Sosa is a data center solutions architect with 20 years' networking experience. He is the author of two VMWare Press VCP certification books, holds VCDX-NV and VCI certifications from VMWare, and he is a frequent speaker and blogger well known in the VMware community.

Texte du rabat
Master the critical new NSX networking and security virtualization platform from VMWare VMware's NSX is a revolutionary advancement in Network Function Virtualization (NFV). NSX enables virtualized networks to extend beyond servers: routers, switches, firewalls, load balancers, and other networking components can all be virtualizedproviding improved manageability, increased security, and dramatic cost savings over traditional networking. Mastering VMware NSX for vSphere part of the Mastering series of books trusted by IT professionals worldwideexamines all the critical components of VMware's new network and security virtualization platform. This comprehensive Sybex guide provides detailed and accurate coverage on deploying, configuring, securing, managing, monitoring, automating, backing up, and restoring virtual networks, firewalls, load balancers, and more. Coverage includes:

• Preparing and deploying NSX
• Setting up VXLAN logical switch networks
• Configuring VMware NSX logical routers
• Using NSX Edge Services Gateway
• Appl ying NSX Distributed Firewall rules
• Extending NSX deployment across vCenters
• Backing up and Restoring NSX components
• Managing users with Role-Based Access Control
• Monitoring NSX using dashboards
• Automating with NSX REST API Master NSX Architecture, Controllers, and Edges Optimize VMware Virtual Networks Manage Users, Groups, and Components Configure Firewall and Security Features Deploy and Manage Edge Network Services

Résumé
A clear, comprehensive guide to VMware's latest virtualization solution

Mastering VMware NSX for vSphere is the ultimate guide to VMware's network security virtualization platform. Written by a rock star in the VMware community, this book offers invaluable guidance and crucial reference for every facet of NSX, with clear explanations that go far beyond the public documentation. Coverage includes NSX architecture, controllers, and edges; preparation and deployment; logical switches; VLANS and VXLANS; logical routers; virtualization; edge network services; firewall security; and much more to help you take full advantage of the platform's many features.

More and more organizations are recognizing both the need for stronger network security and the powerful solution that is NSX; usage has doubled in the past year alone, and that trend is projected to growand these organizations need qualified professionals who know how to work effectively with the NSX platform. This book covers everything you need to know to exploit the platform's full functionality so you can:

• Step up security at the application level
• Automate security and networking services
• Streamline infrastructure for better continuity
• Improve compliance by isolating systems that handle sensitive data
  VMware's NSX provides advanced security tools at a lower cost than traditional networking. As server virtualization has already become a de facto standard in many circles, network virtualization will follow quicklyand NSX positions VMware in the lead the way vSphere won the servers. NSX allows you to boost security at a granular level, streamline compliance, and build a more robust defense against the sort of problems that make headlines. Mastering VMware NSX for vSphere helps you get up to speed quickly and put this powerful platform to work for your organization.

Contenu

Introduction xvii

Chapter 1 Abstracting Network and Security 1

Networks: 1990s 1

Colocation 2

Workload-to-Server Ratio 3

Inefficient Resource Allocation 3

The Long Road to Provisioning 3

Data Centers Come of Age 4

Data Center Workloads 4

Workloads Won't Stay Put 5

VMware 6

Virtualization 6

What is Happening in There? 6

Portability 8

Virtualize Away 8

Extending Virtualization to Storage 9

Virtual Networking and Security 9

NSX to the Rescue 10

The Bottom Line 13

Chapter 2 NSX Architecture and Requirements 15

NSX Network Virtualization 16

Planes of Operation 16

NSX Manager Role and Function 18

ESXi Hosts 19

vCenter Server 20

vSphere Distributed Switch 21

NSX VIBs 23

Competitive Advantage: IOChain 24

IOChain Security Features 24

NSX Controllers 25

NSX Controller Clustering 26

NSX Controller Roles 26

NSX Edge 28

ESG Sizing 30

NSX Role-Based Access Control 30

Overlay and Underlay Networks 32

Replication Modes for Traffic Going to Multiple Destinations 34

The Bottom Line 36

Chapter 3 Preparing NSX 39

NSX Manager Prerequisites 39

Open Ports and Name Resolution 40

Minimum Resource Requirements for NSX Data Center Appliances 40

vSphere HA and DRS 41

IP Addressing and Port Groups 43

Installing the Client Integration Plug-in 44

Installing NSX Manager 44

Associating NSX Manager to vCenter 46

Adding AD/LDAP to NSX 47

Linking Multiple NSX Managers Together (Cross- vCenter NSX) 51

Multi-site Consistency with Universal Components 51

Primary and Secondary NSX Managers 53

Preparing ESXi Clusters for NSX 54

Creating a Universal Transport Zone on the Primary NSX Manager 56

vSphere Distributed Switches Membership 57

Adding Secondary NSX Managers 58

The Bottom Line 59

Chapter 4 Distributed Logical Switch 61

vSphere Standard Switch (vSS) 62

Traffic Shaping 63

Understanding Port Groups 64

NIC Teaming 65

Ensuring Security 66

Virtual Distributed Switch (vDS) 67

Virtual eXtensible LANs (VXLANs) 68

Employing Logical Switches 71

Three Tables That Store VNI Information 73

Collecting VNI Information 74

Centralized MAC Table…