VMware NSX Reviews

It's what we use the CIS Benchmarks for. It's for employing hardening rules and keeping them up to date when things happen on our systems. So it's really configurations and stuff that harden and report back. 

Now, some of the hardening we have in our configuration, so there's some overlap there, but actually running the benchmarks and enforcing the benchmarks as security rules, they don't have much built for that. They got nothing for AIX, and Linux is not where the CIS benchmarks are. So they're way behind on partnering.

We had proof of concept at one point before the VMware purchase of SaltStack. And it had some merit, but the reality was it was under-implemented. And the merits were all in Linux. It was a good first stab at it, but it didn't have enough to implement in our environment, and then AIX kind of washed it right out, and they made a statement that they weren't going to support it. So it's been ruled out for us for a number of months.

SecOps does not work for us. Their SecOps is so infant, and it doesn't support AIX that we just can't use it.

Unusable is unusable. So if someone gives it to me for free. I can't use it. The only good thing is they've thought about it, but to me, they've underwritten it and haven't given it the attention to be a real product.

We use CIS (Center for Internet Security) Benchmark. It's actually a membership-type thing. And they have hardening rules and benchmarks, and it's a very common standard. 

They have products out there that Syscat is an older one, and they have a newer one, which I can't remember the name of. But it runs on your system, and they have benchmarks in there, and it scores your system based on hardening. 

We maintain a matrix of our hardened systems on a daily basis and know whether that score changed or not and alert if it does change. And then, in our environment, we have a whole lot of other tools out there.  

I would rate my experience with the initial setup a three out of ten, where one is a complex process, and ten is a difficult setup process.

This solution is really unusable from my perspective at this point. Overall, I would rate the solution a one of ten. 

We use so little of Red Hat Satellite. We use it for patching only. And I liked it better when it was the spacewalk equivalent, the informant thing. They're putting too much effort into the Virtu utilization and not enough into the day-to-day operations, for patching and stuff. Patching is a plugin as opposed to, like, the main product. Which is what we use it for.

So we're actually writing our own at this point because it's so heavy right now. The old satellite was good. Not great, but good. This one is just way too much overhead and focused on stuff we don't use.

NSX is used with vCloud Director to provide networking as a service or extend the capabilities of the load balancer, VPN, firewall, etc. There are two types of NSX. VMware's latest version is a product called NSX-T. It's a universal solution used across the VMware lineup and products like Hyper-V or the public cloud. You can use it on-prem or public cloud as well. NSX is used by the operations team, architects, and engineers. There are maybe 20 to 30 people using it.

NSX extends Layer-2 scalability on Layer 3, covering the vRO and extending the capability on Layer 3 by decapsulating using a new mechanism. NSX-V was designed to use with VMware products and Success 360, providing more flexibility toward different levels of cloud, containers, and components. NSX-T gives you the ability to stretch your network across different view locations. If you have multiple sites, you can connect them using NSX-T.

In the next release, they should enhance the visual interface. With NSX-T, it's difficult to communicate between the public cloud and the container. 

I have been using NSX for three or four years. 

NSX is stable.

NSX is scalable. You can deploy it on one node or a three-node cluster.

I rate VMware support six out of 10 for NSX-V and seven out of 10 for NSX-T.

Deploying NSX is difficult. VMware NSX has three components: management, controller, and database. You have to understand each of them and where to deploy them. There are lots of logs as well. The deployment varies whether you are deploying on a VM, public cloud, or standalone hardware. Each has its own prerequisites.

First, you have to enable features on your physical equipment, enabling you to install NSX. You have to deploy the dependencies and fix the board. The deployment time depends on the equipment, whether it's from Cisco, Jupiter, or another vendor. They have different approaches to enabling NSX.

The licensing is based on the CPU or the physical unit.

I rate NSX nine out of10. 

We use the solution to establish a connection between our two sites using the same IPs. This is our primary use case.

Segmentation, specifically micro-segmentation, and also for its extended service between sites to keep the same IP address on all sites are valuable features of the solution for our company.

The solution could benefit from improvements in its pricing and scalability.

I have been using VMware NSX for two years. Also, I am using VMware NSX-T 1.0

It is a stable solution. Our company is migrating from VMware NSX-T 1.0 to VMware NSX-T 3.0.

In terms of scalability, I would rate the solution a seven out of ten. Currently, VMware NSX is being used extensively in my company by approximately 1,000 end-users.

When our company contacts VMware's technical support, we open a ticket for our support request. In the past, we escalated issues to VMware support and raised tickets to receive resolutions.

The solution's initial setup process was easy.

The implementation process for the solution was executed with the assistance of our organization's in-house team.

Regarding the deployment process, we begin with the manager and the product. Next, we deploy the controller and proceed with the requirements of UA6. Subsequently, we configure the DLR, ULS, or UDL.

I don't look over the pricing and licensing of the solution.

Before our company decided to go with VMware NSX, we evaluated VMware vRA and VMware vRO.

The solution is highly recommended for those with similar use cases as our company, given its features and the exceptional support it offers. The solution's prompt and responsive support team makes it a reliable option. Overall, I rate the solution an eight out of ten.

The micro-segmentation and the ability to create policy rules are valuable.

There's generally quite a lack of specialists in this space. One of the challenges as a reseller is that I need technical people to go and offer in-depth conversations about the products. We would engage someone to do that, or we would look for some engineering resources to be able to do the implementation. Unfortunately, there are not a lot of those. There is a massive skill shortage.

It's a good product, but the way that it has got so many multiple levels that need to be purchased makes it expensive and cumbersome. They seem to value shareholders more than customers, but most corporations seem to do that anyway.

I don't use the product. I sell the product. I've been with VMware for multiple years. It has been about three years or so.

It's stable. None of my customers have complained about it from a stability point of view. They complained about its cost a lot, but people are quite happy that it's a stable product.

There don't seem to be any issues with scalability. I'd rate it an eight out of ten in terms of scalability.

Most of our clients are small to medium enterprises.

We are just reselling the product. I've seen demos and things like that. It seems very straightforward. 

There could be some challenges around the implementation time, and you need to know what you're doing. There were some challenges from one of our customers. It had to do with the migration of VTT that wasn't made clear to him, so he complained about that, but it's not my experience. Some of the end-users in that space may have a feeling that they're not being informed sufficiently of product changes in a timely manner. 

Our customers have definitely complained about its cost. It's expensive. I'd rate it a nine out of ten in terms of pricing where ten represents a high price. There are other products out there that are equally expensive.

I'd definitely recommend doing a proof of concept. Do a trial deployment so that you can understand the requirements and you can understand how the rules are created. So, definitely, try before you buy should be there.

I'd rate it an eight out of ten.

We were using VMware NSX for high availability. 

We recently used it to migrate a way to the public cloud.

The migration methods are the most valuable aspect of this solution. The rest is just overly complicated.

We had some issues with the cloud version.

It needs to be cheaper.

We are stopping its use. We won't need it because we'll be using cloud-native.

The company has been working with VMware NSX for six years.

I have hands-on experience with VMware NSX.

It was on-premise, but we just used it to do cloud migration to VMC, and it will be removed after that.

The on-premises version of VMware NSX was not stable, but it was for VMC migrations. 

The on-premises version of VMware NSX is not scalable.

The cloud version is most likely fine. I couldn't really say, but after the on-premise system was implemented, everyone was afraid of change. It was really flaky.

We don't have a large number of users. It is not used as such by people; it is a piece of infrastructure software.

There would have been less than half a dozen, not very many.

I personally have not had any contact with technical support.

The initial setup is complex.

TCS assisted us with the installation.

If five is a good price and one is a high price, I would rate the price a one out of five.

I would not recommend this solution to others.

As a technical solution, I would rate VMware NSX a five out of ten.

I used to sell the solution as a bundled package. My role was to find the best solutions for customers from various vendors and work with our pre-sales and solution architecture departments to present these options. I provided high-level advice and my colleagues provided technical details. 

Our customers used the solution for segmentation and automation to secure workloads in their lower computing layer. One customer was CaixaBank, an important financial institution in Spain. 

The dashboard is comprehensive and easy to use. 

The solution integrates perfectly with F5, Check Point, and other applications. Integration with vendors is very important for customers. For our CaixaBank deployment, the solution performed these integrations which included defining, automating, and applying different rules and security functionalities. 

The solution is only sold as part of a bundle and not as an individual product. Some customers only need vSphere or NSX for their use cases, but account executives focus on bundles so this is a problem. 

Account executives need to talk with both systems and security staff to get a full picture of the environment's requirements. For example, systems staff have no need for the solution so they will never deploy it. 

I have been familiar with the solution for three years. 

The solution is very stable. 

The solution is scalable and can handle deployment to thousands of devices with no issues. 

Technical support is very, very good. Staff work hard to understand new functionalities or bug fixes that are released monthly. 

The setup depends on the project scope. For example, CaixaBank's project had a very large scope that was divided into many different parts. Deployment took one year but the project is still ongoing. 

Good deployments depend on an assessment phase where you talk with different departments before defining objectives. Discussions should occur both with systems and security staff. With proper pre-assessment, the solution operates and integrates perfectly. 

The pricing is higher than other options from Palo Alto, Fortinet, and Cisco because it is sold in a bundle. 

Customers do not know the individual price of the solution so they compare the package pricing to competitors. The solution should offer stand-alone pricing so it can be accurately compared to other options. 

There are many solutions in the market that offer similar functionality and characteristics. 

Palo Alto, Fortinet, and Cisco offer lower prices because they are considered legacy. Segmentation is very detailed so many customers prefer legacy options for peace of mind. 

The solution is a very, very good product that is perfect for customers who have good technical support. 

I recommend the solution and rate it a seven out of ten.

The solution is mainly used for rolling virtual environments and private clouds. I use the product for my company and for other customers.

It's important to have whenever I need to segment or control the traffic from virtual machine to virtual machine. This was not the case without the NSX.

NSX is good in managing security or controlling the security and the access control for each single VM. 

It is essential and it can be useful up to a certain level of access control. That said, if we need further detailed or further security features, we should use another product like Palo Alto or Fortinet or other competitors.

It integrates with certain vendors like Palo Alto seamlessly.

The product is stable. 

We can scale the solution. 

It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement. 

It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments. 

It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions.

It does not integrate well with many platforms. 

I've been using the solution for a couple of years now. 

Stability is not an issue. It's not buggy. It doesn't crash or freeze. the performance is good. 

It is a scalable product. 

We have around 1000 or more people on the solution. Our customers use the solution. We do not use it internally. 

We didn't have experience with VMware technical support. Mainly, the issues we need are covered via assistance from Palo Alto. I've never directly communicated with VMware support. 

We didn't use any solution for the virtualized environment.

That said, for other solutions in the market that have the same feature, we have experience. This includes Juniper, Cisco, and Palo Alto. These all have next-generation firewall features, which have been standard for 20 years now.

It's intermediate in terms of ease of setup. It is not so straightforward, and it's not also complex.

 It integrates with certain vendors like Palo Alto very well. That said, other vendors, like Fortinet or others, do not have the same level of integration.

I'd rate the process a there out of five in terms of ease of setup. 

The deployment took three weeks the first time we did it. The strategy is mainly segmenting between operational virtual machines which have, for example, the database and the application front end on the same VLAN. If I need to segment this traffic, it wouldn't be possible without NSX.

We have two people that can handle deployment and maintenance tasks. We need someone who understands the schema of the solution itself, the software itself, the front end and the database, and so on. Then, we also need one person from the security team.

We had a consultation and fielded recommendations from a Palo Alto engineer.

From a security point of view, the ROI you would see would be based on making things secure. The risk is at the lowest possible levels. However, the level of security that would be improved using this solution alone isn't so good. I'd rate the ROI a two out of five as it doesn't do much on its own. 

I'm not sure about licensing, as this is out of my scope as a technical engineer.

We did look into other options before choosing this solution. 

We are a partner. I'm using the latest version of the solution. 

It has good features for tagging and auto-tagging and so on. That said, without another complementary solution like Palo Alto or other micro-segmentation firewall vendors, it would not be of that much use. It needs the support of other software.

I'd rate the solution five out of ten. It lacks standard security features, which is why I rate it so low. 

We use VMware NSX for application service deployments.

VMware NSX is a very good solution. It's also a scalable solution.

It could be more user-friendly, but it's manageable. When we add a specific node to this particular NSX and the configuration changes, it won't push through the errors where required, but it'll accept it. However, while using it, we will have issues. It can also be more stable. 

It could be more stable.

VMware NSX is a scalable solution. We have about 10,000 people using it at our company.

Technical support is good.

We are still in the process of completing the migration from the physical servers to NSX.

The initial setup is relatively straightforward, but it takes a long time to implement this solution. You need hundreds of people to deploy and maintain this solution.

VMware NSX isn't cheap. 

I would tell potential users that they need to do a high-level review of their entire data center architecture, and should not leave any specific configurations related to connectivity that would lead them to more challenges. 

On a scale from one to ten, I would give VMware NSX a seven.