Unleashing the NSX Transformers project, from May 3, 2015 the use of Software-Defined Networking for VMware customers has been amplified. According to VMware, it is expected that this price reduction, the number of customers reached during 2016 (there are currently 1400 clients NSX generating US $ 600 MM during this 2016) is increased of which 350 customers already use NSX in environments Production (data to March 2016). IDC predicts that the SDN market can generate more than US $ 12 billion by 2020, although other studies positioned a market volume even higher (Research and Markets predicts more than US $ 77 billion in market SDN 2020).
VMware NSX (versions 6.2.2 onwards) can be licensed under one of the following 3 editions:
- NSX Standard Edition (US $ 1995 per CPU plus annual SnS) delivers the basic framework, allows integration with third party products. Switching includes L2, L3 routing, NAT and native integration with OpenStack (Neutron) and VMware vRealize Automation. Supports perpetual licensing per CPU level ESXi physical server.
- NSX Advanced Edition (US $ 4495 per CPU plus annual SnS): Standard Edition plus includes the issue of micro-segmentation level Data Center. Firewall includes distributed, Integration with Microsoft Active Directory, VMware services Automation Automation vRealize, Using Data Security and Load Balancer. Supports perpetual licensing per CPU level ESXi physical server and per user (oriented VDI).
- NSX Enterprise Edition (US $ 6995 per CPU plus annual SnS): Includes Advanced Edition, plus SDN between different domains vCenter. It Includes IPSec VPN, SSL VPN and advanced features NSX as communication between different Data Centers (multiple vCenters), remote gateways and scaling to VTEP Hardware level certificate. Supports perpetual licensing per CPU level ESXi physical server.
| NSX for vSphere 6.2 | |||
| Feature | Standard
US$1995 per CPU |
Advanced
US$4495 per CPU |
Enterprise
US$6995 per CPU |
| Hypervisors Supported | |||
| Platform | |||
| ESXi 5.5 | Yes | Yes | Yes |
| ESXi 6.0 | Yes | Yes | Yes |
| vCenter 5.5 | Yes | Yes | Yes |
| vCenter 6.0 | Yes | Yes | Yes |
| Cross vCenter Networking & Security | No | No | Yes |
| Controller Architecture | |||
| NSX Controller | Yes | Yes | Yes |
| Universal Controller for X-VC | No | No | Yes |
| Optimized ARP Learning, BCAST supression | Yes | Yes | Yes |
| Switching | |||
| Encapsulation Format | |||
| VXLAN | Yes | Yes | Yes |
| Replication Mode for VXLAN | |||
| Multicast | Yes | Yes | Yes |
| Hybrid | Yes | Yes | Yes |
| Unicast | Yes | Yes | Yes |
| Overlay to VLAN bridging | |||
| SW Bridge (ESXi-based) | Yes | Yes | Yes |
| Hardware VTEP (OVSDB) with L2 Bridging | No | No | Yes |
| Universal Distributed Logical Switching (X-VC) | No | No | Yes |
| Multiple VTEP Support | Yes | Yes | Yes |
| Routing | |||
| Distributed Routing (IPv4 Only) | |||
| Distributed Routing – Static | Yes | Yes | Yes |
| Distributed Routing – Dynamic Routing with BGP | Yes | Yes | Yes |
| Distributed Routing – Dynamic Routing with OSPF | Yes | Yes | Yes |
| Equal Cost Multi-Pathing with Distributed Routing | Yes | Yes | Yes |
| Universal Distributed Logical Router (X-VC) | No | No | Yes |
| Dynamic Routing without Control VM (Static Only) | Yes | Yes | Yes |
| Active-standby Router Control VM | Yes | Yes | Yes |
| Edge Routing (N-S) | |||
| Edge Routing Static – IPv4 | Yes | Yes | Yes |
| Edge Routing Static – IPv6 | Yes | Yes | Yes |
| Dynamic Routing with NSX Edge (BGP) IPv4 | Yes | Yes | Yes |
| Dynamic Routing with NSX Edge (OSPFv2) IPv4 | Yes | Yes | Yes |
| Equal Cost Multi-Pathing with NSX Edge | Yes | Yes | Yes |
| Egress Routing Optimization in X-VC | No | No | Yes |
| DHCP Relay | Yes | Yes | Yes |
| Active-Standby NSX Edge Routing | Yes | Yes | Yes |
| VLAN Trunk (sub-interface) support | Yes | Yes | Yes |
| VXLAN Trunk (sub-interface) support | Yes | Yes | Yes |
| Per Interface RPF check on NSX Edge | Yes | Yes | Yes |
| Services | |||
| NAT Support for NSX Edge | |||
| NAT Support for NSX Edge | Yes | Yes | Yes |
| Source NAT | Yes | Yes | Yes |
| Destination NAT | Yes | Yes | Yes |
| Stateless NAT | |||
| ALG Support for NAT | Yes | Yes | Yes |
| DDI | |||
| DHCP Server | Yes | Yes | Yes |
| DHCP Relay | Yes | Yes | Yes |
| DNS Relay | Yes | Yes | Yes |
| VPN | |||
| IPSEC VPN | No | No | Yes |
| SSL VPN | No | No | Yes |
| L2 VPN (L2 extension with SSL VPN) | No | No | Yes |
| 802.1Q Trunks over L2 VPN | No | No | Yes |
| Security | |||
| Firewall – General | |||
| Single UI for Firewall Rule Enforcement – NS+ EW | No | Yes | Yes |
| Spoofguard | No | Yes | Yes |
| Firewall Logging | Yes | Yes | Yes |
| Rule Export | No | Yes | Yes |
| Auto-save & Rollback of Firewall rules | No | Yes | Yes |
| Granular Sections of Firewall rule table | No | Yes | Yes |
| Distributed Firewall | |||
| DFW – L2, L3 Rules | No | Yes | Yes |
| DFW – vCenter Object Based Rules | No | Yes | Yes |
| Identity Firewall Rules (AD Integration) | No | Yes | Yes |
| IPFix Support for DFW | No | Yes | Yes |
| Context-based control of FW enforcement (applied to objects) |
No | Yes | Yes |
| Edge Firewall | |||
| Edge Firewall | Yes | Yes | Yes |
| Edge High-Availability | Yes | Yes | Yes |
| Service Composer | |||
| Security Policy | Yes | Yes | Yes |
| Security Tags | Yes | Yes | Yes |
| vCenter Object based security groups | Yes | Yes | Yes |
| IPSet, MACset based security groups | Yes | Yes | Yes |
| Data Security | |||
| Scan Guest VMs for Sensitive Data | No | Yes | Yes |
| Third Party Integration | |||
| Endpoint Service Insertion – Guest Introspection | Yes | Yes | Yes |
| Network Service Insertion | No | Yes | Yes |
| Public API based Integration | Yes | Yes | Yes |
| Load-Balancing | |||
| Edge Load-Balancing | |||
| Protocols | |||
| TCP (L4 – L7) | No | Yes | Yes |
| UDP | No | Yes | Yes |
| FTP | No | Yes | Yes |
| HTTP | No | Yes | Yes |
| HTTPS (Pass-through) | No | Yes | Yes |
| HTTPS (SSL Termination) | No | Yes | Yes |
| LB Methods | No | Yes | Yes |
| Round Robin | No | Yes | Yes |
| Src IP Hash | No | Yes | Yes |
| Least Connection | No | Yes | Yes |
| URI, URL, HTTP (L7 engine) | No | Yes | Yes |
| vCenter Context-aware LB | No | Yes | Yes |
| L7 Application Rules | No | Yes | Yes |
| Health Checks | |||
| TCP | No | Yes | Yes |
| ICMP | No | Yes | Yes |
| UDP | No | Yes | Yes |
| HTTP | No | Yes | Yes |
| HTTPS | No | Yes | Yes |
| Connection Throttling | No | Yes | Yes |
| High-Availability | No | Yes | Yes |
| Monitoring | |||
| View VIP/Pool/Server Objects | No | Yes | Yes |
| View VIP/Pool/Server Stats | No | Yes | Yes |
| Global Stats VIP Sessions | No | Yes | Yes |
| Distributed Load-Balancing | |||
| L4 Load-balancing | No | No | Yes (tech-preview) |
| Health checks | No | No | Yes (tech-preview) |
| Operations | |||
| Tools | |||
| Tunnel Health Monitoring | No | No | No |
| TraceFlow | Yes | Yes | Yes |
| Port-Connections Tool | No | No | No |
| Server Activity Monitoring | No | Yes | Yes |
| Flow Monitoring | No | Yes | Yes |
| IPFix (VDS Feature) | Yes | Yes | Yes |
| VMware Tools | |||
| vR Operations Manager | Yes | Yes | Yes |
| vR Log Insight | Yes | Yes | Yes |
| Cloud Management Platform | |||
| vRealize Automation | |||
| Logical Switch Creation | Yes | Yes | Yes |
| Distributed router creation | Yes | Yes | Yes |
| Distributed firewall security consumption | No | Yes | Yes |
| Load-balancing consumption | No | Yes | Yes |
| App Isolation | No | Yes | Yes |
| VMware Integrated OpenStack (Neutron Plugin) | |||
| VLAN Provider Networks | Yes | Yes | Yes |
| Overlay Provider Networks | Yes | Yes | Yes |
| Overlay Tenant Networks | Yes | Yes | Yes |
| Metadata Proxy Service | Yes | Yes | Yes |
| DHCP Server | Yes | Yes | Yes |
| Neutron Router – Centralized – Shared | Yes | Yes | Yes |
| Neutron Router – Centralized – Exclusive | Yes | Yes | Yes |
| Neutron Router – Distributed | Yes | Yes | Yes |
| Static Routes on Neutron Router | Yes | Yes | Yes |
| Floating IP Support | Yes | Yes | Yes |
| No-NAT Neutron Routers | Yes | Yes | Yes |
| Neutron Security Groups using Stateful Firewall | No | Yes | Yes |
| Port Security | Yes | Yes | Yes |
| Neutron L2 Gateway | Yes | Yes | Yes |
| Load Balancing (LBaaS) | Yes | Yes | Yes |
| Admin Utility ( Consistency Check, Cleanup) | Yes | Yes | Yes |
| Cross VC Logical Networking and Security | No | No | No |
SOURCE: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2145269
REFERENCE: http://www.vmware.com/files/pdf/products/nsx/vmware-nsx-editions-faq.pdf
