What is our primary use case?
The solution is mainly used for rolling virtual environments and private clouds. I use the product for my company and for other customers.
How has it helped my organization?
It's important to have whenever I need to segment or control the traffic from virtual machine to virtual machine. This was not the case without the NSX.
What is most valuable?
NSX is good in managing security or controlling the security and the access control for each single VM.
It is essential and it can be useful up to a certain level of access control. That said, if we need further detailed or further security features, we should use another product like Palo Alto or Fortinet or other competitors.
It integrates with certain vendors like Palo Alto seamlessly.
The product is stable.
We can scale the solution.
What needs improvement?
It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement.
It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments.
It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions.
It does not integrate well with many platforms.
For how long have I used the solution?
I've been using the solution for a couple of years now.
What do I think about the stability of the solution?
Stability is not an issue. It's not buggy. It doesn't crash or freeze. the performance is good.
What do I think about the scalability of the solution?
It is a scalable product.
We have around 1000 or more people on the solution. Our customers use the solution. We do not use it internally.
How are customer service and support?
We didn't have experience with VMware technical support. Mainly, the issues we need are covered via assistance from Palo Alto. I've never directly communicated with VMware support.
Which solution did I use previously and why did I switch?
We didn't use any solution for the virtualized environment.
That said, for other solutions in the market that have the same feature, we have experience. This includes Juniper, Cisco, and Palo Alto. These all have next-generation firewall features, which have been standard for 20 years now.
How was the initial setup?
It's intermediate in terms of ease of setup. It is not so straightforward, and it's not also complex.
It integrates with certain vendors like Palo Alto very well. That said, other vendors, like Fortinet or others, do not have the same level of integration.
I'd rate the process a there out of five in terms of ease of setup.
The deployment took three weeks the first time we did it. The strategy is mainly segmenting between operational virtual machines which have, for example, the database and the application front end on the same VLAN. If I need to segment this traffic, it wouldn't be possible without NSX.
We have two people that can handle deployment and maintenance tasks. We need someone who understands the schema of the solution itself, the software itself, the front end and the database, and so on. Then, we also need one person from the security team.
What about the implementation team?
We had a consultation and fielded recommendations from a Palo Alto engineer.
What was our ROI?
From a security point of view, the ROI you would see would be based on making things secure. The risk is at the lowest possible levels. However, the level of security that would be improved using this solution alone isn't so good. I'd rate the ROI a two out of five as it doesn't do much on its own.
What's my experience with pricing, setup cost, and licensing?
I'm not sure about licensing, as this is out of my scope as a technical engineer.
Which other solutions did I evaluate?
We did look into other options before choosing this solution.
What other advice do I have?
We are a partner. I'm using the latest version of the solution.
It has good features for tagging and auto-tagging and so on. That said, without another complementary solution like Palo Alto or other micro-segmentation firewall vendors, it would not be of that much use. It needs the support of other software.
I'd rate the solution five out of ten. It lacks standard security features, which is why I rate it so low.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner