VMware NSX Reviews

I am in a presales role, selling the VMware solution. The typical use case is vague due to the wide range of institutions that make up our customer base.

VMware NSX has impacted overall operational costs by 80%.

I feel confident when I work with NSX since I have mastered the solution. It is good for all virtualization and networking.

If you had asked when it was NSX V, which was dedicated only for Hyper-V and VMware, I would have said they could open the door for all partners. At the moment, NSX T is complete. Migrating from V to T is very tricky, complicated, and there are a lot of parameters to account for. The pricing is also an issue; it's very expensive and changes all the time. VMware is not easy to negotiate with.

I have been working with VMware NSX since 2011.

I would say the stability of the solution is a nine out of ten.

The scalability is rated at eight out of ten.

I would rate technical support as ten as they have a lot of support and specialists who can meet with the customer.

Previously, some of the customers chose Nutanix and a few other solutions.

I think the initial setup is complex. You need knowledge of both networking and virtualization. It's complex for everyone, although I have experience with it.

The pricing is another discussion. The pricing is rated three because it's very expensive, changes often, and isn't easy to negotiate.

We did evaluate Nutanix.

The main challenge is upgrading from NSX V to NSX T. This upgrade requires considering many parameters that are not known by everyone.

I'd rate the solution seven out of ten.

We host citizen-centric portals. They are web portals where citizens can enter and fetch data. For example, we have tax-related portals, health-related portals, and education-related portals. These are social welfare portals, and for that, we use AWS services.

NSX helps us by making IT management and operations more efficient. When VMs spin off from the DC to the DR site, all required settings on the network level are handled automatically.

The most valuable feature of NSX is the ease of configuration. It handles automatic configuration of IP addresses and network settings during VM migrations between data centers.

The ticket support response time from VMware could be improved. Often, callbacks are delayed, which can be problematic if the servers are in production.

We have been using NSX for almost one year.

NSX is stable and reliable. I would rate its stability between eight or nine out of ten.

NSX is quite scalable. I would rate its scalability as eight out of ten.

The customer support from VMware could be more responsive, as sometimes callbacks are delayed, causing delays in addressing critical issues.

Positive

We did not switch from another solution to NSX. We have been using VMware products, including vSphere, for many years.

The initial setup of NSX was complex, but with the help of an experienced vendor and support from VMware, we managed to configure it successfully in a short time.

We had an experienced vendor help with the implementation and received good support from VMware during the setup.

VMware has moved to a bundled pricing model, which means we are sometimes forced to pay for features we don’t use. This has increased our overall costs.

We evaluated Azure and other solutions, but we preferred AWS.

I recommend NSX because it simplifies IT operations and management, especially for data center network configurations.

We use the solution to establish a connection between our two sites using the same IPs. This is our primary use case.

Segmentation, specifically micro-segmentation, and also for its extended service between sites to keep the same IP address on all sites are valuable features of the solution for our company.

The solution could benefit from improvements in its pricing and scalability.

I have been using VMware NSX for two years. Also, I am using VMware NSX-T 1.0

It is a stable solution. Our company is migrating from VMware NSX-T 1.0 to VMware NSX-T 3.0.

In terms of scalability, I would rate the solution a seven out of ten. Currently, VMware NSX is being used extensively in my company by approximately 1,000 end-users.

When our company contacts VMware's technical support, we open a ticket for our support request. In the past, we escalated issues to VMware support and raised tickets to receive resolutions.

The solution's initial setup process was easy.

The implementation process for the solution was executed with the assistance of our organization's in-house team.

Regarding the deployment process, we begin with the manager and the product. Next, we deploy the controller and proceed with the requirements of UA6. Subsequently, we configure the DLR, ULS, or UDL.

I don't look over the pricing and licensing of the solution.

Before our company decided to go with VMware NSX, we evaluated VMware vRA and VMware vRO.

The solution is highly recommended for those with similar use cases as our company, given its features and the exceptional support it offers. The solution's prompt and responsive support team makes it a reliable option. Overall, I rate the solution an eight out of ten.

VMware NSX helps create and operate on-demand networks. The solution is dynamic and flexible. Our company's principal use case for the product is to provide a network for private projects. VMware NSX is also used to link virtual networks with legal networks and develop a single environment that permits comprehending virtual and physical tasks. 

Firewall security is one of VMware NSX's vital features. Using the tags and the solution's security policy is incredibly simple. For instance, I can create a sketch on paper and redesign it with the tags present on the network segment using VMware NSX. 

A basic load balancer feature was present in a previous version, but the latest version only has an advanced load balancer. The vendor should integrate a basic load balancer in future versions. The advanced load balancer is mostly suitable for system integrators, but it is not usable for our company dimensions. 

I have been using VMware NSX for three years. 

I would rate the stability a ten out of ten. 

I would rate the scalability a nine out of ten. There are about a few hundred end-users of the solution in our organization. 

Our organization's virtual environments consist of virtual machines and systems within the network segments of VMware NSX, and every lab has professors, researchers, and students. 

Before Broadcom acquired VMware NSX, I would rate the tech support a nine out of ten. But presently, I wouldn't rate it so high because our company has difficulty reaching customer support. Whenever I write an email to the technical manager of the solution, I often don't receive a response. 

Overall, the setup process of VMware NSX was easy, but due to the unfamiliarity, the beginning of the process was a steep climb for our organization's team. In our company, we majorly utilize the on-prem deployment model but temporarily we also used the solution in the cloud because we needed the virtual labs and sometimes we needed to use VMware NSX on Azure. 

As a public administrator in Italy, our company signs a contract with an organization connected to numerous universities. This aforementioned organization creates the tender with VMware. I would rate the pricing of VMware NSX as seven out of ten. 

The micro-segmentation function of VMware NSX is wonderful because this feature allows for the best control of every single entrance point of data packets. I would overall rate VMware NSX a nine out of ten. I would recommend others to use the solution. 

It's what we use the CIS Benchmarks for. It's for employing hardening rules and keeping them up to date when things happen on our systems. So it's really configurations and stuff that harden and report back. 

Now, some of the hardening we have in our configuration, so there's some overlap there, but actually running the benchmarks and enforcing the benchmarks as security rules, they don't have much built for that. They got nothing for AIX, and Linux is not where the CIS benchmarks are. So they're way behind on partnering.

We had proof of concept at one point before the VMware purchase of SaltStack. And it had some merit, but the reality was it was under-implemented. And the merits were all in Linux. It was a good first stab at it, but it didn't have enough to implement in our environment, and then AIX kind of washed it right out, and they made a statement that they weren't going to support it. So it's been ruled out for us for a number of months.

SecOps does not work for us. Their SecOps is so infant, and it doesn't support AIX that we just can't use it.

Unusable is unusable. So if someone gives it to me for free. I can't use it. The only good thing is they've thought about it, but to me, they've underwritten it and haven't given it the attention to be a real product.

We use CIS (Center for Internet Security) Benchmark. It's actually a membership-type thing. And they have hardening rules and benchmarks, and it's a very common standard. 

They have products out there that Syscat is an older one, and they have a newer one, which I can't remember the name of. But it runs on your system, and they have benchmarks in there, and it scores your system based on hardening. 

We maintain a matrix of our hardened systems on a daily basis and know whether that score changed or not and alert if it does change. And then, in our environment, we have a whole lot of other tools out there.  

I would rate my experience with the initial setup a three out of ten, where one is a complex process, and ten is a difficult setup process.

This solution is really unusable from my perspective at this point. Overall, I would rate the solution a one of ten. 

We use so little of Red Hat Satellite. We use it for patching only. And I liked it better when it was the spacewalk equivalent, the informant thing. They're putting too much effort into the Virtu utilization and not enough into the day-to-day operations, for patching and stuff. Patching is a plugin as opposed to, like, the main product. Which is what we use it for.

So we're actually writing our own at this point because it's so heavy right now. The old satellite was good. Not great, but good. This one is just way too much overhead and focused on stuff we don't use.

I used to sell the solution as a bundled package. My role was to find the best solutions for customers from various vendors and work with our pre-sales and solution architecture departments to present these options. I provided high-level advice and my colleagues provided technical details. 

Our customers used the solution for segmentation and automation to secure workloads in their lower computing layer. One customer was CaixaBank, an important financial institution in Spain. 

The dashboard is comprehensive and easy to use. 

The solution integrates perfectly with F5, Check Point, and other applications. Integration with vendors is very important for customers. For our CaixaBank deployment, the solution performed these integrations which included defining, automating, and applying different rules and security functionalities. 

The solution is only sold as part of a bundle and not as an individual product. Some customers only need vSphere or NSX for their use cases, but account executives focus on bundles so this is a problem. 

Account executives need to talk with both systems and security staff to get a full picture of the environment's requirements. For example, systems staff have no need for the solution so they will never deploy it. 

I have been familiar with the solution for three years. 

The solution is very stable. 

The solution is scalable and can handle deployment to thousands of devices with no issues. 

Technical support is very, very good. Staff work hard to understand new functionalities or bug fixes that are released monthly. 

The setup depends on the project scope. For example, CaixaBank's project had a very large scope that was divided into many different parts. Deployment took one year but the project is still ongoing. 

Good deployments depend on an assessment phase where you talk with different departments before defining objectives. Discussions should occur both with systems and security staff. With proper pre-assessment, the solution operates and integrates perfectly. 

The pricing is higher than other options from Palo Alto, Fortinet, and Cisco because it is sold in a bundle. 

Customers do not know the individual price of the solution so they compare the package pricing to competitors. The solution should offer stand-alone pricing so it can be accurately compared to other options. 

There are many solutions in the market that offer similar functionality and characteristics. 

Palo Alto, Fortinet, and Cisco offer lower prices because they are considered legacy. Segmentation is very detailed so many customers prefer legacy options for peace of mind. 

The solution is a very, very good product that is perfect for customers who have good technical support. 

I recommend the solution and rate it a seven out of ten.

NSX is used with vCloud Director to provide networking as a service or extend the capabilities of the load balancer, VPN, firewall, etc. There are two types of NSX. VMware's latest version is a product called NSX-T. It's a universal solution used across the VMware lineup and products like Hyper-V or the public cloud. You can use it on-prem or public cloud as well. NSX is used by the operations team, architects, and engineers. There are maybe 20 to 30 people using it.

NSX extends Layer-2 scalability on Layer 3, covering the vRO and extending the capability on Layer 3 by decapsulating using a new mechanism. NSX-V was designed to use with VMware products and Success 360, providing more flexibility toward different levels of cloud, containers, and components. NSX-T gives you the ability to stretch your network across different view locations. If you have multiple sites, you can connect them using NSX-T.

In the next release, they should enhance the visual interface. With NSX-T, it's difficult to communicate between the public cloud and the container. 

I have been using NSX for three or four years. 

NSX is stable.

NSX is scalable. You can deploy it on one node or a three-node cluster.

I rate VMware support six out of 10 for NSX-V and seven out of 10 for NSX-T.

Deploying NSX is difficult. VMware NSX has three components: management, controller, and database. You have to understand each of them and where to deploy them. There are lots of logs as well. The deployment varies whether you are deploying on a VM, public cloud, or standalone hardware. Each has its own prerequisites.

First, you have to enable features on your physical equipment, enabling you to install NSX. You have to deploy the dependencies and fix the board. The deployment time depends on the equipment, whether it's from Cisco, Jupiter, or another vendor. They have different approaches to enabling NSX.

The licensing is based on the CPU or the physical unit.

I rate NSX nine out of10. 

The solution is mainly used for rolling virtual environments and private clouds. I use the product for my company and for other customers.

It's important to have whenever I need to segment or control the traffic from virtual machine to virtual machine. This was not the case without the NSX.

NSX is good in managing security or controlling the security and the access control for each single VM. 

It is essential and it can be useful up to a certain level of access control. That said, if we need further detailed or further security features, we should use another product like Palo Alto or Fortinet or other competitors.

It integrates with certain vendors like Palo Alto seamlessly.

The product is stable. 

We can scale the solution. 

It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement. 

It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments. 

It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions.

It does not integrate well with many platforms. 

I've been using the solution for a couple of years now. 

Stability is not an issue. It's not buggy. It doesn't crash or freeze. the performance is good. 

It is a scalable product. 

We have around 1000 or more people on the solution. Our customers use the solution. We do not use it internally. 

We didn't have experience with VMware technical support. Mainly, the issues we need are covered via assistance from Palo Alto. I've never directly communicated with VMware support. 

We didn't use any solution for the virtualized environment.

That said, for other solutions in the market that have the same feature, we have experience. This includes Juniper, Cisco, and Palo Alto. These all have next-generation firewall features, which have been standard for 20 years now.

It's intermediate in terms of ease of setup. It is not so straightforward, and it's not also complex.

 It integrates with certain vendors like Palo Alto very well. That said, other vendors, like Fortinet or others, do not have the same level of integration.

I'd rate the process a there out of five in terms of ease of setup. 

The deployment took three weeks the first time we did it. The strategy is mainly segmenting between operational virtual machines which have, for example, the database and the application front end on the same VLAN. If I need to segment this traffic, it wouldn't be possible without NSX.

We have two people that can handle deployment and maintenance tasks. We need someone who understands the schema of the solution itself, the software itself, the front end and the database, and so on. Then, we also need one person from the security team.

We had a consultation and fielded recommendations from a Palo Alto engineer.

From a security point of view, the ROI you would see would be based on making things secure. The risk is at the lowest possible levels. However, the level of security that would be improved using this solution alone isn't so good. I'd rate the ROI a two out of five as it doesn't do much on its own. 

I'm not sure about licensing, as this is out of my scope as a technical engineer.

We did look into other options before choosing this solution. 

We are a partner. I'm using the latest version of the solution. 

It has good features for tagging and auto-tagging and so on. That said, without another complementary solution like Palo Alto or other micro-segmentation firewall vendors, it would not be of that much use. It needs the support of other software.

I'd rate the solution five out of ten. It lacks standard security features, which is why I rate it so low.