VMware NSX Reviews

It's what we use the CIS Benchmarks for. It's for employing hardening rules and keeping them up to date when things happen on our systems. So it's really configurations and stuff that harden and report back. 

Now, some of the hardening we have in our configuration, so there's some overlap there, but actually running the benchmarks and enforcing the benchmarks as security rules, they don't have much built for that. They got nothing for AIX, and Linux is not where the CIS benchmarks are. So they're way behind on partnering.

We had proof of concept at one point before the VMware purchase of SaltStack. And it had some merit, but the reality was it was under-implemented. And the merits were all in Linux. It was a good first stab at it, but it didn't have enough to implement in our environment, and then AIX kind of washed it right out, and they made a statement that they weren't going to support it. So it's been ruled out for us for a number of months.

SecOps does not work for us. Their SecOps is so infant, and it doesn't support AIX that we just can't use it.

Unusable is unusable. So if someone gives it to me for free. I can't use it. The only good thing is they've thought about it, but to me, they've underwritten it and haven't given it the attention to be a real product.

We use CIS (Center for Internet Security) Benchmark. It's actually a membership-type thing. And they have hardening rules and benchmarks, and it's a very common standard. 

They have products out there that Syscat is an older one, and they have a newer one, which I can't remember the name of. But it runs on your system, and they have benchmarks in there, and it scores your system based on hardening. 

We maintain a matrix of our hardened systems on a daily basis and know whether that score changed or not and alert if it does change. And then, in our environment, we have a whole lot of other tools out there.  

I would rate my experience with the initial setup a three out of ten, where one is a complex process, and ten is a difficult setup process.

This solution is really unusable from my perspective at this point. Overall, I would rate the solution a one of ten. 

We use so little of Red Hat Satellite. We use it for patching only. And I liked it better when it was the spacewalk equivalent, the informant thing. They're putting too much effort into the Virtu utilization and not enough into the day-to-day operations, for patching and stuff. Patching is a plugin as opposed to, like, the main product. Which is what we use it for.

So we're actually writing our own at this point because it's so heavy right now. The old satellite was good. Not great, but good. This one is just way too much overhead and focused on stuff we don't use.

NSX is used with vCloud Director to provide networking as a service or extend the capabilities of the load balancer, VPN, firewall, etc. There are two types of NSX. VMware's latest version is a product called NSX-T. It's a universal solution used across the VMware lineup and products like Hyper-V or the public cloud. You can use it on-prem or public cloud as well. NSX is used by the operations team, architects, and engineers. There are maybe 20 to 30 people using it.

NSX extends Layer-2 scalability on Layer 3, covering the vRO and extending the capability on Layer 3 by decapsulating using a new mechanism. NSX-V was designed to use with VMware products and Success 360, providing more flexibility toward different levels of cloud, containers, and components. NSX-T gives you the ability to stretch your network across different view locations. If you have multiple sites, you can connect them using NSX-T.

In the next release, they should enhance the visual interface. With NSX-T, it's difficult to communicate between the public cloud and the container. 

I have been using NSX for three or four years. 

NSX is stable.

NSX is scalable. You can deploy it on one node or a three-node cluster.

I rate VMware support six out of 10 for NSX-V and seven out of 10 for NSX-T.

Deploying NSX is difficult. VMware NSX has three components: management, controller, and database. You have to understand each of them and where to deploy them. There are lots of logs as well. The deployment varies whether you are deploying on a VM, public cloud, or standalone hardware. Each has its own prerequisites.

First, you have to enable features on your physical equipment, enabling you to install NSX. You have to deploy the dependencies and fix the board. The deployment time depends on the equipment, whether it's from Cisco, Jupiter, or another vendor. They have different approaches to enabling NSX.

The licensing is based on the CPU or the physical unit.

I rate NSX nine out of10. 

We use the solution to establish a connection between our two sites using the same IPs. This is our primary use case.

Segmentation, specifically micro-segmentation, and also for its extended service between sites to keep the same IP address on all sites are valuable features of the solution for our company.

The solution could benefit from improvements in its pricing and scalability.

I have been using VMware NSX for two years. Also, I am using VMware NSX-T 1.0

It is a stable solution. Our company is migrating from VMware NSX-T 1.0 to VMware NSX-T 3.0.

In terms of scalability, I would rate the solution a seven out of ten. Currently, VMware NSX is being used extensively in my company by approximately 1,000 end-users.

When our company contacts VMware's technical support, we open a ticket for our support request. In the past, we escalated issues to VMware support and raised tickets to receive resolutions.

The solution's initial setup process was easy.

The implementation process for the solution was executed with the assistance of our organization's in-house team.

Regarding the deployment process, we begin with the manager and the product. Next, we deploy the controller and proceed with the requirements of UA6. Subsequently, we configure the DLR, ULS, or UDL.

I don't look over the pricing and licensing of the solution.

Before our company decided to go with VMware NSX, we evaluated VMware vRA and VMware vRO.

The solution is highly recommended for those with similar use cases as our company, given its features and the exceptional support it offers. The solution's prompt and responsive support team makes it a reliable option. Overall, I rate the solution an eight out of ten.

The micro-segmentation and the ability to create policy rules are valuable.

There's generally quite a lack of specialists in this space. One of the challenges as a reseller is that I need technical people to go and offer in-depth conversations about the products. We would engage someone to do that, or we would look for some engineering resources to be able to do the implementation. Unfortunately, there are not a lot of those. There is a massive skill shortage.

It's a good product, but the way that it has got so many multiple levels that need to be purchased makes it expensive and cumbersome. They seem to value shareholders more than customers, but most corporations seem to do that anyway.

I don't use the product. I sell the product. I've been with VMware for multiple years. It has been about three years or so.

It's stable. None of my customers have complained about it from a stability point of view. They complained about its cost a lot, but people are quite happy that it's a stable product.

There don't seem to be any issues with scalability. I'd rate it an eight out of ten in terms of scalability.

Most of our clients are small to medium enterprises.

We are just reselling the product. I've seen demos and things like that. It seems very straightforward. 

There could be some challenges around the implementation time, and you need to know what you're doing. There were some challenges from one of our customers. It had to do with the migration of VTT that wasn't made clear to him, so he complained about that, but it's not my experience. Some of the end-users in that space may have a feeling that they're not being informed sufficiently of product changes in a timely manner. 

Our customers have definitely complained about its cost. It's expensive. I'd rate it a nine out of ten in terms of pricing where ten represents a high price. There are other products out there that are equally expensive.

I'd definitely recommend doing a proof of concept. Do a trial deployment so that you can understand the requirements and you can understand how the rules are created. So, definitely, try before you buy should be there.

I'd rate it an eight out of ten.

We were using VMware NSX for high availability. 

We recently used it to migrate a way to the public cloud.

The migration methods are the most valuable aspect of this solution. The rest is just overly complicated.

We had some issues with the cloud version.

It needs to be cheaper.

We are stopping its use. We won't need it because we'll be using cloud-native.

The company has been working with VMware NSX for six years.

I have hands-on experience with VMware NSX.

It was on-premise, but we just used it to do cloud migration to VMC, and it will be removed after that.

The on-premises version of VMware NSX was not stable, but it was for VMC migrations. 

The on-premises version of VMware NSX is not scalable.

The cloud version is most likely fine. I couldn't really say, but after the on-premise system was implemented, everyone was afraid of change. It was really flaky.

We don't have a large number of users. It is not used as such by people; it is a piece of infrastructure software.

There would have been less than half a dozen, not very many.

I personally have not had any contact with technical support.

The initial setup is complex.

TCS assisted us with the installation.

If five is a good price and one is a high price, I would rate the price a one out of five.

I would not recommend this solution to others.

As a technical solution, I would rate VMware NSX a five out of ten.

I used to sell the solution as a bundled package. My role was to find the best solutions for customers from various vendors and work with our pre-sales and solution architecture departments to present these options. I provided high-level advice and my colleagues provided technical details. 

Our customers used the solution for segmentation and automation to secure workloads in their lower computing layer. One customer was CaixaBank, an important financial institution in Spain. 

The dashboard is comprehensive and easy to use. 

The solution integrates perfectly with F5, Check Point, and other applications. Integration with vendors is very important for customers. For our CaixaBank deployment, the solution performed these integrations which included defining, automating, and applying different rules and security functionalities. 

The solution is only sold as part of a bundle and not as an individual product. Some customers only need vSphere or NSX for their use cases, but account executives focus on bundles so this is a problem. 

Account executives need to talk with both systems and security staff to get a full picture of the environment's requirements. For example, systems staff have no need for the solution so they will never deploy it. 

I have been familiar with the solution for three years. 

The solution is very stable. 

The solution is scalable and can handle deployment to thousands of devices with no issues. 

Technical support is very, very good. Staff work hard to understand new functionalities or bug fixes that are released monthly. 

The setup depends on the project scope. For example, CaixaBank's project had a very large scope that was divided into many different parts. Deployment took one year but the project is still ongoing. 

Good deployments depend on an assessment phase where you talk with different departments before defining objectives. Discussions should occur both with systems and security staff. With proper pre-assessment, the solution operates and integrates perfectly. 

The pricing is higher than other options from Palo Alto, Fortinet, and Cisco because it is sold in a bundle. 

Customers do not know the individual price of the solution so they compare the package pricing to competitors. The solution should offer stand-alone pricing so it can be accurately compared to other options. 

There are many solutions in the market that offer similar functionality and characteristics. 

Palo Alto, Fortinet, and Cisco offer lower prices because they are considered legacy. Segmentation is very detailed so many customers prefer legacy options for peace of mind. 

The solution is a very, very good product that is perfect for customers who have good technical support. 

I recommend the solution and rate it a seven out of ten.

The solution is mainly used for rolling virtual environments and private clouds. I use the product for my company and for other customers.

It's important to have whenever I need to segment or control the traffic from virtual machine to virtual machine. This was not the case without the NSX.

NSX is good in managing security or controlling the security and the access control for each single VM. 

It is essential and it can be useful up to a certain level of access control. That said, if we need further detailed or further security features, we should use another product like Palo Alto or Fortinet or other competitors.

It integrates with certain vendors like Palo Alto seamlessly.

The product is stable. 

We can scale the solution. 

It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement. 

It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments. 

It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions.

It does not integrate well with many platforms. 

I've been using the solution for a couple of years now. 

Stability is not an issue. It's not buggy. It doesn't crash or freeze. the performance is good. 

It is a scalable product. 

We have around 1000 or more people on the solution. Our customers use the solution. We do not use it internally. 

We didn't have experience with VMware technical support. Mainly, the issues we need are covered via assistance from Palo Alto. I've never directly communicated with VMware support. 

We didn't use any solution for the virtualized environment.

That said, for other solutions in the market that have the same feature, we have experience. This includes Juniper, Cisco, and Palo Alto. These all have next-generation firewall features, which have been standard for 20 years now.

It's intermediate in terms of ease of setup. It is not so straightforward, and it's not also complex.

 It integrates with certain vendors like Palo Alto very well. That said, other vendors, like Fortinet or others, do not have the same level of integration.

I'd rate the process a there out of five in terms of ease of setup. 

The deployment took three weeks the first time we did it. The strategy is mainly segmenting between operational virtual machines which have, for example, the database and the application front end on the same VLAN. If I need to segment this traffic, it wouldn't be possible without NSX.

We have two people that can handle deployment and maintenance tasks. We need someone who understands the schema of the solution itself, the software itself, the front end and the database, and so on. Then, we also need one person from the security team.

We had a consultation and fielded recommendations from a Palo Alto engineer.

From a security point of view, the ROI you would see would be based on making things secure. The risk is at the lowest possible levels. However, the level of security that would be improved using this solution alone isn't so good. I'd rate the ROI a two out of five as it doesn't do much on its own. 

I'm not sure about licensing, as this is out of my scope as a technical engineer.

We did look into other options before choosing this solution. 

We are a partner. I'm using the latest version of the solution. 

It has good features for tagging and auto-tagging and so on. That said, without another complementary solution like Palo Alto or other micro-segmentation firewall vendors, it would not be of that much use. It needs the support of other software.

I'd rate the solution five out of ten. It lacks standard security features, which is why I rate it so low. 

VMware NSX helps create and operate on-demand networks. The solution is dynamic and flexible. Our company's principal use case for the product is to provide a network for private projects. VMware NSX is also used to link virtual networks with legal networks and develop a single environment that permits comprehending virtual and physical tasks. 

Firewall security is one of VMware NSX's vital features. Using the tags and the solution's security policy is incredibly simple. For instance, I can create a sketch on paper and redesign it with the tags present on the network segment using VMware NSX. 

A basic load balancer feature was present in a previous version, but the latest version only has an advanced load balancer. The vendor should integrate a basic load balancer in future versions. The advanced load balancer is mostly suitable for system integrators, but it is not usable for our company dimensions. 

I have been using VMware NSX for three years. 

I would rate the stability a ten out of ten. 

I would rate the scalability a nine out of ten. There are about a few hundred end-users of the solution in our organization. 

Our organization's virtual environments consist of virtual machines and systems within the network segments of VMware NSX, and every lab has professors, researchers, and students. 

Before Broadcom acquired VMware NSX, I would rate the tech support a nine out of ten. But presently, I wouldn't rate it so high because our company has difficulty reaching customer support. Whenever I write an email to the technical manager of the solution, I often don't receive a response. 

Overall, the setup process of VMware NSX was easy, but due to the unfamiliarity, the beginning of the process was a steep climb for our organization's team. In our company, we majorly utilize the on-prem deployment model but temporarily we also used the solution in the cloud because we needed the virtual labs and sometimes we needed to use VMware NSX on Azure. 

As a public administrator in Italy, our company signs a contract with an organization connected to numerous universities. This aforementioned organization creates the tender with VMware. I would rate the pricing of VMware NSX as seven out of ten. 

The micro-segmentation function of VMware NSX is wonderful because this feature allows for the best control of every single entrance point of data packets. I would overall rate VMware NSX a nine out of ten. I would recommend others to use the solution.