Embalagem em massa NSX para clientes VMware

transformers-wallpapers-hd

Liberando el proyecto NSX Transformers, a partir de Mayo 3, 2015 se masifica el uso de Software-Defined Networking para clientes VMware. De acuerdo a VMware, se espera que con esta reducción de precios, se aumente el número de Clientes logrados durante el 2016 (actualmente existen 1400 clientes de NSX generando US$ 600 MM durante este 2016) de los cuales 350 clientes ya utilizan NSX en ambientes de Producción (datos a Marzo 2016). IDC predice que el mercado SDN puede generar más de US$ 12 billones hacia el 2020, aunque otros estudios posicionan un volumen de mercado aún mayor (Research and Markets predice más de US$ 77 billones en mercado SDN para el 2020).

VMware NSX (versiones 6.2.2 en adelante) se puede licenciar bajo una de las siguientes 3 ediciones:

  • NSX Standard Edition (US$1995 por CPU más SnS anual): entrega el framework básico, permite integración con productos de tercero. Incluye Switching L2, Ruteo L3, NAT e Integración nativa con OpenStack (Neutron) y VMware vRealize Automation. Soporta licenciamiento perpetuo, por CPU a nivel de servidor físico ESXi.
  • NSX Advanced Edition (US$4495 por CPU más SnS anual): Standard Edition más incluye el tema de micro-segmentation a nivel de Data Center. Incluye Firewall distribuido, Integración con Microsoft Active Directory, Automatización de servicios con VMware vRealize Automation, Uso de Data Security y Balanceador de Carga. Soporta licenciamiento perpetuo, por CPU a nivel de servidor físico ESXi, y por usuario (orientado a VDI).
  • NSX Enterprise Edition (US$6995 por CPU más SnS anual): Incluye Advanced Edition, más SDN entre distintos dominios de vCenter. Incluye IPSec VPN, SSL VPN y características avanzadas de NSX como la comunicación entre distintos Data Centers (múltiples vCenters), gateways remotos y escalamiento a nivel VTEP con Hardware certificado.  Soporta licenciamiento perpetuo, por CPU a nivel de servidor físico ESXi.
NSX for vSphere 6.2
Feature Standard

US$1995

por CPU

Advanced

US$4495

por CPU

Enterprise

US$6995

por CPU

Hypervisors Supported      
Platform      
ESXi 5.5 Yes Yes Yes
ESXi 6.0 Yes Yes Yes
vCenter 5.5 Yes Yes Yes
vCenter 6.0 Yes Yes Yes
Cross vCenter Networking & Security No No Yes
Controller Architecture      
NSX Controller Yes Yes Yes
Universal Controller for X-VC No No Yes
Optimized ARP Learning, BCAST supression Yes Yes Yes
Switching      
Encapsulation Format      
VXLAN Yes Yes Yes
Replication Mode for VXLAN      
Multicast Yes Yes Yes
Hybrid Yes Yes Yes
Unicast Yes Yes Yes
Overlay to VLAN bridging      
SW Bridge (ESXi-based) Yes Yes Yes
Hardware VTEP (OVSDB) with L2 Bridging No No Yes
Universal Distributed Logical Switching (X-VC) No No Yes
Multiple VTEP Support Yes Yes Yes
Routing      
Distributed Routing (IPv4 Only)      
Distributed Routing – Static Yes Yes Yes
Distributed Routing – Dynamic Routing with BGP Yes Yes Yes
Distributed Routing – Dynamic Routing with OSPF Yes Yes Yes
Equal Cost Multi-Pathing with Distributed Routing Yes Yes Yes
Universal Distributed Logical Router (X-VC) No No Yes
Dynamic Routing without Control VM (Static Only) Yes Yes Yes
Active-standby Router Control VM Yes Yes Yes
Edge Routing (N-S)      
Edge Routing Static – IPv4 Yes Yes Yes
Edge Routing Static – IPv6 Yes Yes Yes
Dynamic Routing with NSX Edge (BGP) IPv4 Yes Yes Yes
Dynamic Routing with NSX Edge (OSPFv2) IPv4 Yes Yes Yes
Equal Cost Multi-Pathing with NSX Edge Yes Yes Yes
Egress Routing Optimization in X-VC No No Yes
DHCP Relay Yes Yes Yes
Active-Standby NSX Edge Routing Yes Yes Yes
VLAN Trunk (sub-interface) support Yes Yes Yes
VXLAN Trunk (sub-interface) support Yes Yes Yes
Per Interface RPF check on NSX Edge Yes Yes Yes
Services      
NAT Support for NSX Edge      
NAT Support for NSX Edge Yes Yes Yes
Source NAT Yes Yes Yes
Destination NAT Yes Yes Yes
Stateless NAT
ALG Support for NAT Yes Yes Yes
DDI      
DHCP Server Yes Yes Yes
DHCP Relay Yes Yes Yes
DNS Relay Yes Yes Yes
VPN      
IPSEC VPN No No Yes
SSL VPN No No Yes
L2 VPN (L2 extension with SSL VPN) No No Yes
802.1Q Trunks over L2 VPN No No Yes
Security      
Firewall – General      
Single UI for Firewall Rule Enforcement – NS+ EW No Yes Yes
Spoofguard No Yes Yes
Firewall Logging Yes Yes Yes
Rule Export No Yes Yes
Auto-save & Rollback of Firewall rules No Yes Yes
Granular Sections of Firewall rule table No Yes Yes
Distributed Firewall      
DFW – L2, L3 Rules No Yes Yes
DFW – vCenter Object Based Rules No Yes Yes
Identity Firewall Rules (AD Integration) No Yes Yes
IPFix Support for DFW No Yes Yes
Context-based control of FW enforcement
(applied to objects)
No Yes Yes
Edge Firewall      
Edge Firewall Yes Yes Yes
Edge High-Availability Yes Yes Yes
Service Composer      
Security Policy Yes Yes Yes
Security Tags Yes Yes Yes
vCenter Object based security groups Yes Yes Yes
IPSet, MACset based security groups Yes Yes Yes
Data Security      
Scan Guest VMs for Sensitive Data No Yes Yes
Third Party Integration      
Endpoint Service Insertion – Guest Introspection Yes Yes Yes 
Network Service Insertion No Yes Yes
Public API based Integration Yes Yes  Yes
Load-Balancing      
Edge Load-Balancing      
Protocols
TCP (L4 – L7) No Yes Yes
UDP No Yes Yes
FTP No Yes Yes
HTTP No Yes Yes
HTTPS (Pass-through) No Yes Yes
HTTPS (SSL Termination) No Yes Yes
LB Methods No Yes Yes
Round Robin No Yes Yes
Src IP Hash No Yes Yes
Least Connection No Yes Yes
URI, URL, HTTP (L7 engine) No Yes Yes
vCenter Context-aware LB No Yes Yes
L7 Application Rules No Yes Yes
Health Checks
TCP No Yes Yes
ICMP No Yes Yes
UDP No Yes Yes
HTTP No Yes Yes
HTTPS No Yes Yes
Connection Throttling No Yes Yes
High-Availability No Yes Yes
Monitoring
View VIP/Pool/Server Objects No Yes Yes
View VIP/Pool/Server Stats No Yes Yes
Global Stats VIP Sessions No Yes Yes
Distributed Load-Balancing      
L4 Load-balancing No No Yes (tech-preview)
Health checks No No Yes (tech-preview)
Operations      
Tools      
Tunnel Health Monitoring No No No
TraceFlow Yes Yes Yes
Port-Connections Tool No No No
Server Activity Monitoring No Yes Yes
Flow Monitoring No Yes Yes
IPFix (VDS Feature) Yes Yes Yes
VMware Tools      
vR Operations Manager Yes Yes Yes
vR Log Insight Yes Yes Yes
Cloud Management Platform      
vRealize Automation      
Logical Switch Creation Yes Yes Yes
Distributed router creation Yes Yes Yes
Distributed firewall security consumption No Yes Yes
Load-balancing consumption No Yes Yes
App Isolation No Yes Yes
VMware Integrated OpenStack (Neutron Plugin)      
VLAN Provider Networks Yes Yes Yes
Overlay Provider Networks Yes Yes Yes
Overlay Tenant Networks Yes Yes Yes
Metadata Proxy Service Yes Yes Yes
DHCP Server Yes Yes Yes
Neutron Router – Centralized – Shared Yes Yes Yes
Neutron Router – Centralized – Exclusive Yes Yes Yes
Neutron Router – Distributed Yes Yes Yes
Static Routes on Neutron Router Yes Yes Yes
Floating IP Support Yes Yes Yes
No-NAT Neutron Routers Yes Yes Yes
Neutron Security Groups using Stateful Firewall No Yes Yes
Port Security Yes Yes Yes
Neutron L2 Gateway Yes Yes Yes
Load Balancing (LBaaS) Yes Yes Yes
Admin Utility ( Consistency Check, Cleanup) Yes Yes Yes
Cross VC Logical Networking and Security No No No

SOURCE: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2145269

REFERENCE: http://www.vmware.com/files/pdf/products/nsx/vmware-nsx-editions-faq.pdf

Post Author: Fernando Escobar

CTO Ambassador (VMware’s Office of the CTO), VMware vExpert Cloud, VMware vExpert core, SDDC Trusted Advisor, Cloud Architect

Deixe um comentário

Esse site utiliza o Akismet para reduzir spam. Aprenda como seus dados de comentários são processados.