?

VMware NSX-T Enterprise Segmentation Sandbox

Bookmark
73 people launched
Solution Overview
VMware NSX delivers a software-defined network solution built entirely in software, allowing it to span between traditional “on-premise” and cloud infrastructures, all managed centrally.  Now, starting with version 2.5, branded "NSX-T Intelligence," it provides automatic application dependency mapping and policy generation.

With the granularity NSX-T provides in software-driven policy enforcement, it can be a core tool in an enterprise segmentation toolbox.  NSX-T Intelligence provides enhanced network security, detailed end-to-end visibility of traffic, in-depth workload visibility and context-based firewalling, all while assuring a high level of Operational Simplicity.

Goals & Objectives

The objective of this unstructured sandbox is to provide a highly flexible, pre-built NSX-T Intelligence environment suitable for experimentation with NSX-T technologies in a segmented enterprise. The environment includes multiple management and edge nodes and spans seamlessly across both VMWare ESXi and KVM hypervisors as well as bare-metal servers.

In this sandbox, you can experience:
  • Application Dependency Mapping using NSX-T Intelligence
  • Automated security policy generation
  • Segmentation of applications across virtualized and bare-metal on-premise environments
  • Classification of virtual resources using tagging
  • Global policy creation using context-based rules
  • Policies to provide both north-south and east-west segmentation
  • Advanced visibility of traffic throughout the environment

Hardware & Software

This sandbox is 100% virtual and include the following components:
  • 1x ESXi virtualized environment, including:
    • 3x ESXi Management Servers
    • 2x ESXi Compute Servers
    • 1x vCenter Server (nested ESXi environment)
    • 1x NSX-T Manager server, version 2.5 (nested ESXi environment)
    • 1x NSX-T Intelligence server, version 2.5 (nested ESXi environment)
    • 2x NSX-T Edge node servers, version 2.5 (nested ESXi environment)
    • 1x "Bare-Metal" application server with NSX-T agent installed
  • 1x KVM virtualized environment, including:
    • 2x KVM servers
  • 1x Linux simulated multi-tier application, including:
    • 2x Webservers
    • 1x Application Server
    • 1x Database Server
  • 1x Virtual FreeNAS Storage Appliance
  • 1x Windows RDP Jumpbox
  • 1x Windows AD/DNS Server
  • 1x VyOS Virtual Router

Technologies