Liberando el proyecto NSX Transformers, a partir de Mayo 3, 2015 se masifica el uso de Software-Defined Networking para clientes VMware. De acuerdo a VMware, se espera que con esta reducción de precios, se aumente el número de Clientes logrados durante el 2016 (actualmente existen 1400 clientes de NSX generando US$ 600 MM durante este 2016) de los cuales 350 clientes ya utilizan NSX en ambientes de Producción (datos a Marzo 2016). IDC predice que el mercado SDN puede generar más de US$ 12 billones hacia el 2020, aunque otros estudios posicionan un volumen de mercado aún mayor (Research and Markets predice más de US$ 77 billones en mercado SDN para el 2020).
VMware NSX (versiones 6.2.2 en adelante) se puede licenciar bajo una de las siguientes 3 ediciones:
- NSX Standard Edition (US$1995 por CPU más SnS anual): entrega el framework básico, permite integración con productos de tercero. Incluye Switching L2, Ruteo L3, NAT e Integración nativa con OpenStack (Neutron) y VMware vRealize Automation. Soporta licenciamiento perpetuo, por CPU a nivel de servidor físico ESXi.
- NSX Advanced Edition (US$4495 por CPU más SnS anual): Standard Edition más incluye el tema de micro-segmentation a nivel de Data Center. Incluye Firewall distribuido, Integración con Microsoft Active Directory, Automatización de servicios con VMware vRealize Automation, Uso de Data Security y Balanceador de Carga. Soporta licenciamiento perpetuo, por CPU a nivel de servidor físico ESXi, y por usuario (orientado a VDI).
- NSX Enterprise Edition (US$6995 por CPU más SnS anual): Incluye Advanced Edition, más SDN entre distintos dominios de vCenter. Incluye IPSec VPN, SSL VPN y características avanzadas de NSX como la comunicación entre distintos Data Centers (múltiples vCenters), gateways remotos y escalamiento a nivel VTEP con Hardware certificado. Soporta licenciamiento perpetuo, por CPU a nivel de servidor físico ESXi.
NSX for vSphere 6.2 | |||
Feature | Standard
US$1995 por CPU |
Advanced
US$4495 por CPU |
Enterprise
US$6995 por CPU |
Hypervisors Supported | |||
Platform | |||
ESXi 5.5 | Yes | Yes | Yes |
ESXi 6.0 | Yes | Yes | Yes |
vCenter 5.5 | Yes | Yes | Yes |
vCenter 6.0 | Yes | Yes | Yes |
Cross vCenter Networking & Security | No | No | Yes |
Controller Architecture | |||
NSX Controller | Yes | Yes | Yes |
Universal Controller for X-VC | No | No | Yes |
Optimized ARP Learning, BCAST supression | Yes | Yes | Yes |
Switching | |||
Encapsulation Format | |||
VXLAN | Yes | Yes | Yes |
Replication Mode for VXLAN | |||
Multicast | Yes | Yes | Yes |
Hybrid | Yes | Yes | Yes |
Unicast | Yes | Yes | Yes |
Overlay to VLAN bridging | |||
SW Bridge (ESXi-based) | Yes | Yes | Yes |
Hardware VTEP (OVSDB) with L2 Bridging | No | No | Yes |
Universal Distributed Logical Switching (X-VC) | No | No | Yes |
Multiple VTEP Support | Yes | Yes | Yes |
Routing | |||
Distributed Routing (IPv4 Only) | |||
Distributed Routing – Static | Yes | Yes | Yes |
Distributed Routing – Dynamic Routing with BGP | Yes | Yes | Yes |
Distributed Routing – Dynamic Routing with OSPF | Yes | Yes | Yes |
Equal Cost Multi-Pathing with Distributed Routing | Yes | Yes | Yes |
Universal Distributed Logical Router (X-VC) | No | No | Yes |
Dynamic Routing without Control VM (Static Only) | Yes | Yes | Yes |
Active-standby Router Control VM | Yes | Yes | Yes |
Edge Routing (N-S) | |||
Edge Routing Static – IPv4 | Yes | Yes | Yes |
Edge Routing Static – IPv6 | Yes | Yes | Yes |
Dynamic Routing with NSX Edge (BGP) IPv4 | Yes | Yes | Yes |
Dynamic Routing with NSX Edge (OSPFv2) IPv4 | Yes | Yes | Yes |
Equal Cost Multi-Pathing with NSX Edge | Yes | Yes | Yes |
Egress Routing Optimization in X-VC | No | No | Yes |
DHCP Relay | Yes | Yes | Yes |
Active-Standby NSX Edge Routing | Yes | Yes | Yes |
VLAN Trunk (sub-interface) support | Yes | Yes | Yes |
VXLAN Trunk (sub-interface) support | Yes | Yes | Yes |
Per Interface RPF check on NSX Edge | Yes | Yes | Yes |
Services | |||
NAT Support for NSX Edge | |||
NAT Support for NSX Edge | Yes | Yes | Yes |
Source NAT | Yes | Yes | Yes |
Destination NAT | Yes | Yes | Yes |
Stateless NAT | |||
ALG Support for NAT | Yes | Yes | Yes |
DDI | |||
DHCP Server | Yes | Yes | Yes |
DHCP Relay | Yes | Yes | Yes |
DNS Relay | Yes | Yes | Yes |
VPN | |||
IPSEC VPN | No | No | Yes |
SSL VPN | No | No | Yes |
L2 VPN (L2 extension with SSL VPN) | No | No | Yes |
802.1Q Trunks over L2 VPN | No | No | Yes |
Security | |||
Firewall – General | |||
Single UI for Firewall Rule Enforcement – NS+ EW | No | Yes | Yes |
Spoofguard | No | Yes | Yes |
Firewall Logging | Yes | Yes | Yes |
Rule Export | No | Yes | Yes |
Auto-save & Rollback of Firewall rules | No | Yes | Yes |
Granular Sections of Firewall rule table | No | Yes | Yes |
Distributed Firewall | |||
DFW – L2, L3 Rules | No | Yes | Yes |
DFW – vCenter Object Based Rules | No | Yes | Yes |
Identity Firewall Rules (AD Integration) | No | Yes | Yes |
IPFix Support for DFW | No | Yes | Yes |
Context-based control of FW enforcement (applied to objects) |
No | Yes | Yes |
Edge Firewall | |||
Edge Firewall | Yes | Yes | Yes |
Edge High-Availability | Yes | Yes | Yes |
Service Composer | |||
Security Policy | Yes | Yes | Yes |
Security Tags | Yes | Yes | Yes |
vCenter Object based security groups | Yes | Yes | Yes |
IPSet, MACset based security groups | Yes | Yes | Yes |
Data Security | |||
Scan Guest VMs for Sensitive Data | No | Yes | Yes |
Third Party Integration | |||
Endpoint Service Insertion – Guest Introspection | Yes | Yes | Yes |
Network Service Insertion | No | Yes | Yes |
Public API based Integration | Yes | Yes | Yes |
Load-Balancing | |||
Edge Load-Balancing | |||
Protocols | |||
TCP (L4 – L7) | No | Yes | Yes |
UDP | No | Yes | Yes |
FTP | No | Yes | Yes |
HTTP | No | Yes | Yes |
HTTPS (Pass-through) | No | Yes | Yes |
HTTPS (SSL Termination) | No | Yes | Yes |
LB Methods | No | Yes | Yes |
Round Robin | No | Yes | Yes |
Src IP Hash | No | Yes | Yes |
Least Connection | No | Yes | Yes |
URI, URL, HTTP (L7 engine) | No | Yes | Yes |
vCenter Context-aware LB | No | Yes | Yes |
L7 Application Rules | No | Yes | Yes |
Health Checks | |||
TCP | No | Yes | Yes |
ICMP | No | Yes | Yes |
UDP | No | Yes | Yes |
HTTP | No | Yes | Yes |
HTTPS | No | Yes | Yes |
Connection Throttling | No | Yes | Yes |
High-Availability | No | Yes | Yes |
Monitoring | |||
View VIP/Pool/Server Objects | No | Yes | Yes |
View VIP/Pool/Server Stats | No | Yes | Yes |
Global Stats VIP Sessions | No | Yes | Yes |
Distributed Load-Balancing | |||
L4 Load-balancing | No | No | Yes (tech-preview) |
Health checks | No | No | Yes (tech-preview) |
Operations | |||
Tools | |||
Tunnel Health Monitoring | No | No | No |
TraceFlow | Yes | Yes | Yes |
Port-Connections Tool | No | No | No |
Server Activity Monitoring | No | Yes | Yes |
Flow Monitoring | No | Yes | Yes |
IPFix (VDS Feature) | Yes | Yes | Yes |
VMware Tools | |||
vR Operations Manager | Yes | Yes | Yes |
vR Log Insight | Yes | Yes | Yes |
Cloud Management Platform | |||
vRealize Automation | |||
Logical Switch Creation | Yes | Yes | Yes |
Distributed router creation | Yes | Yes | Yes |
Distributed firewall security consumption | No | Yes | Yes |
Load-balancing consumption | No | Yes | Yes |
App Isolation | No | Yes | Yes |
VMware Integrated OpenStack (Neutron Plugin) | |||
VLAN Provider Networks | Yes | Yes | Yes |
Overlay Provider Networks | Yes | Yes | Yes |
Overlay Tenant Networks | Yes | Yes | Yes |
Metadata Proxy Service | Yes | Yes | Yes |
DHCP Server | Yes | Yes | Yes |
Neutron Router – Centralized – Shared | Yes | Yes | Yes |
Neutron Router – Centralized – Exclusive | Yes | Yes | Yes |
Neutron Router – Distributed | Yes | Yes | Yes |
Static Routes on Neutron Router | Yes | Yes | Yes |
Floating IP Support | Yes | Yes | Yes |
No-NAT Neutron Routers | Yes | Yes | Yes |
Neutron Security Groups using Stateful Firewall | No | Yes | Yes |
Port Security | Yes | Yes | Yes |
Neutron L2 Gateway | Yes | Yes | Yes |
Load Balancing (LBaaS) | Yes | Yes | Yes |
Admin Utility ( Consistency Check, Cleanup) | Yes | Yes | Yes |
Cross VC Logical Networking and Security | No | No | No |
SOURCE: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2145269
REFERENCE: http://www.vmware.com/files/pdf/products/nsx/vmware-nsx-editions-faq.pdf