VMware NSX Reviews

The ease in which to install this product and make it work straight away without minimum changes in your physical network and is simply astonishing. The only thing you need to do when installing this product is change your MTU to 1600 (jumbo frames). It provides microsegmentation and good security features for north-south and east-west traffic across your SDDC. The performance you obtain at the virtual layer and traffic crossing for your VMs gets improved dramatically because the traffic doesn't leave the hypervisor. I'm not a network guy myself but NSX makes it really easy to understand how the virtual network pins together and how you can manage the traffic and security within your VMware deployment without the hassle of changing VLANs, adding unnecessary protocols for discovery, etc.

Encapsulating the traffic using VXLAN is a great addition. It extrapolates the number of VLANs that you can stretch to an almost infinite number of VXLAN (millions of VXLANs). In abstract, you are dealing with numerous VLANs every time you want to send traffic from one VM to another, basically VMs on different hosts within the same datacenter will be connected to the same logical switch and traffic is advertised via unicast traffic from the NSX controllers to let every body know in the environment "who is who" to minimize the amount of multicast traffic.

We haven't installed this in our environment yet. We have a major lab to provide our Ci-Dev team a sandpit to test apps and its security when deploying a three-tier application on our customers and test every single connection and performance before handing over the application to the customer.

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

Six months now.

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

A very stable product, it is more mature than it was four years ago when it first came out. The performance you get with this product is near-line rate.

If you have a large environment, the sprawl of Distributed Logical Routers or logical switches can be hard to manage, but you will have the same issues in a physical network.

We have a direct line with VMware support and with the specialized engineer who provides support on NSX. We haven't had to open a support call yet, but the engineer we've dealt with is very capable and knowledgeable on the product.

Excellent. VMware engineers are top of the line. I haven't met one engineer who doesn't know the product well that they support.

Nope, never used a network virtualisation product before.

It was straightforward. Just a couple of install media and .ovf files and you're done. The interesting part comes after installation when you need to define your virtual network architecture and how you're going to deploy rules and connectivity for your VMs.

In-house deployment. We're a large VMware shop and know VMware products well.

Not applicable for this product yet.

We got the licenses from VMware as part of the NFR agreement, but you will require a medium infrastructure to deploy this initially. Lot of memory and CPU are required to have the product run smoothly

No, there are no other products in the market that provide network virtualisation as far as I know.

Download the installer, try it, and you will love it. Some hardcore network administrators will say it is not the same, and of course is not the same, but it is a new way to do things in the network space. It is the way of the future when deploying large networks in Software Defined Data Centres.

I have worked on NSX for the last couple of months and I Liked Distributed Logical Switching, Distributed Logical Router and Distributed Firewall the most.

We have deployed it in a virtual environment and it saved a lot of time and effort for us to configure.

Speed of the NSX Controllers while deploying sometimes gets a bit slower which can be improved, overall its a great product

Last few months.

No issues.

No issues.

No issues.

Satisfied.

Satisfied.

No.

We are a Partner and we have deployed it for our customer.

Open APIs allow seamless integration with other products. Eventhough Lastline does not provide an end-to-end solution like their rivals, namely McAfee, TrendMicro and Symantec, Lastline excels by providing their APIs so that they could be integrated with other security products.

With Lastline, the effort to put in into the protecting the users against zero-day threats and malware can be subsequently reduced. It's accuracy and analysis reports on the objects are what all the other vendors should make an example of.

Lastline's reports can sometimes be very complicated and somehow leaves users with lots of technical information that cannot be easily digested. A more presentable reporting should be provided. However, this is not a weakness and their reporting is only suitable for people with certain technical knowledge.

Lastline itself is a complicated product to navigate through, although it provides a lot of details to the users. This was a feedback from one of our customer here during the POC stage. Users may be required to be technically sound to understand what Lastline has provided to them. What I mean by "a more presentable reporting" is that Lastline should provide a more user readable format of the report; perhaps more visual storyline of their process?

I have been using and performing POC on Lastline for my customers for around 1 year.

No issues.

No stability issues.

Lastline has no issue with scalability as it is by far the more scalable amongst APT solutions.

Lastline support has yet to fully penetrate into the SEA market. Their responses may come from their Sales and System engineers instead of their support team.

As mentioned, their system engineers are very well trained and experience enough to answer most of the technical and product inquiries thrown at them.

No.

Initial setup is very straightforward for cloud-based deployment. For on-premise deployment, it will require some UNIX-based commands knowledge.

Lastline is not a cheap product if compared with their competitors. I wish they could do something about the pricing as it is very hard to convince the customers on such a model.

The Internet is a nasty place, and getting nastier. Current breach detection products using traditional anti-malware sandbox technologies can’t keep up with advanced persistent and hyper-evasive threats that pummel enterprise networks on an hourly basis. Malware authors encode their exploits with a number of operational vectors, so in case one entry point doesn’t work they can still find a way into your network to do their dirty work. And as more businesses hire more outsourced consultants, part-time workers, and employ mobile devices, they open up additional mechanisms for malware to enter their corporate networks.

Some traditional AV and endpoint protection vendors have responded to these threats by adding features to their security products to do a better job of anticipating badly behaving packets coming through their detectors. They make use of limited virtual machines or operating system emulators to view how a piece of malware operates. That is great, but it isn’t enough. Many malware authors can detect when these simulated environments are active and can evade detection accordingly. For example, some exploits such as W32.DelfInj can literally go to sleep for several days to avoid any detector that will just scan an infected system for the first several minutes.

What is needed is a next-generation sandbox that can correlate a series of particular breach events add IP and object based reputation analysis and do this in near real-time. This is what the Lastline Breach Detection Platform does. What makes them unique is their range of discovery, the way they can effectively mimic actual PC or smartphone endpoints to examine malware behavior.

Download my full review of their system here.

Lastline has four major components:

• Network sensors. Lots of security tools have sensors, and certainly this is the cornerstone of any modern security tool. What makes Lastline more interesting is that it combines IP and domain reputation analysis with malware fingerprinting techniques. 

• Advanced sandbox screening tool. Suspicious objects that are suspected to be zero-day threats are collected from the sensors and analyzed with the Lastline next-generation sandbox, which emulates a complete endpoint system (OS, memory, and peripherals). Other sandboxing tools leave small in-guest code stubs that can reveal they aren’t “real” endpoints; Lastline doesn’t have these clues for malware to key into and looks just like regular computers. 

• Reporting and threat analysis tool. Low-level event data is then collected and correlated into a particular security incident, which then updates an online threat database. For example, just by clicking on a few different menu items, we can see how often the same infection was downloaded by a particular endpoint, or why a particular event led to other activities across our network, or how a piece of malware was attached to a series of different email messages.

• Rich threat intelligence of advanced threats.Known exploits and IP based systems associatedwith advanced malware are highly dynamic and traditional signature-based knowledge bases are ill equipped to keep up. Lastline threat intelligence draws on its global collection of next-generation sandboxes.

They just announced added Mac OS X support, which I didn't get to test. 

It is a bit tricky to install the various components and to get it set up properly. But once you do, you can take full advantage of its features. 

No.

No, indeed this is one of its main benefits. You can scale it up to handle very large networks with their modular and SaaS-based tools. 

To add flexibility to its system, both the next-generation sandbox and reporting tool can be either hosted or installed on-premises.

Their core idea is to run a piece of suspected malware in such a way as to provide the ultimate examination of its operations. Suspected code is extracted from the network traffic flow, analyzed andcorrelated with other network-level events to provide a full picture of what happened. It has one of the most throughout analysis sandbox engines. But what is more important is how they are able to provide actionable intelligence to a wide variety of leading security vendors’ intrusion prevention and unified threat management platforms from WatchGuard, Barracuda, TippingPoint, Juniper, Tripwire and others. Through a combination of application programming interfaces, Lastline can send and receive firewall blocking rules and breach event data to/from the appropriate systems that you have already purchased, so that these threats can be quickly stopped.

Yes, there are other sandboxing securing tools out there, but they aren't as thorough as what Lastline does.

Vendor team was first rate.

We use NSX in our data center. 

We use the NSX firewall which is great. 

I'd like to see more integration with other solutions. 

We've been using this solution for over two years. 

The solution is stable.

The solution is scalable.

I haven't used technical support. 

I recommend this solution and rate it seven out of 10. 

VMware NSX is used as a software-defined network. We used the solution in a data center.

The most valuable feature of VMware NSX is the ability to set up virtual networking environments.

The solution can improve by making it more straightforward, easier to install and maintain in the environment.

I have been using VMware NSX for approximately five years.

VMware NSX is a scalable solution.

My experience with technical support is good. I have not used them very much but what I have contacted the support they have been responsive and helpful.

The implementation of VMware NSX is moderately complex. However, it depends on your data center environment complexity.

VMware has always been geared towards enterprise and their pricing options are a bit high. Their price is higher than other options in the market.

I would advise those wanting to implement this solution to give themselves a fair amount of time and make sure are working with someone who is reasonably well trained and has done it before. 

I rate VMware NSX an eight out of ten.