VMware NSX Reviews

We use this solution to build our VMware platform.

The most valuable features are security and dynamic routing.

The routing functionality needs to be improved, as there are lots of bugs in the system.

I would like to see automation capabilities in the deployment process.

I have been using VMware NSX since 2016.

I think that there is room to improve from a stability standpoint. There are lots of bugs in this product.

VMware NSX is highly scalable.

The technical support team is good.

I would not say that the initial setup was straightforward. In terms of how easy it was to complete the deployment, I would rate the process a seven out of ten. 

My advice for anybody who is researching VMware NSX is to first have an understanding of network engineering.

I would rate this solution an eight out of ten.

Load balancing is achieved using VMware NSX. The load balancing feature provided with VMware vSphere is called NSX.

While using the virtual server with your on-premises trusted internal network, you can set up rules to prevent them from doing specific activities.

VMware NSX is a very good product.

It's a beneficial tool.

VMware NSX needs improvement.

We have been using VMware NSX for a couple of years.

We are using the most recent version.

I have no issues with the stability of  VMware NSX.

VMware NSX is a scalable solution.

NSX is not a user, product. NSX is for securing your virtualization platform.

The support needs improvement.

The initial setup is straightforward.

I have not yet fully explored all that this solution provides. I am still analyzing it. From the knowledge and experience that I have today, I would recommend this solution.

I would rate VMware NSX a five out of ten.

Our main use case is the distributed firewall. NSX can segment every application and server based on the ports they need to communicate externally. Ports that aren't required are inactive, so we activate them for some specific applications. We can get the ports from the application guys, activate the ones we need, and then disable the rest of the ports. We've done other things with NSX, but it's just mostly about the distributed firewall.

We typically run a lot of vulnerability assessments — sometimes spam testing — and get a lot of bad results because some ports are open. I think NSX has significantly cut down on that. Right now, we have been able to fix almost all of our problems with unnecessary ports being opened and related issues. We are secure in this specific aspect, so we can log other options. 

NSX's stand-out function is the distributed firewall. The firewall system is just top-notch, and I haven't seen another solution like it. Aside from that, there are numerous other cases where NSX comes in handy. For example, we've done intrusion prevention and implemented some next-generation firewalls for service training. We deployed some next-generation firewalls inside certain servers. Then we could bring all the traffic down that was meant to lead each server to a specific firewall. The security guys put policies on the firewall for checking signatures and hash values to contain particular security breaches within the server and prevent them from affecting the network. So we could use the particular firewall that we usually use and use it within the server close-up at the data center instead of the VH. 

NSX could better integrate with open-source products. Of course, it integrates with some, but I know many people are uncomfortable deploying NSX with certain open-source solutions, such as Radar. They don't integrate so well, and the integration is usually so complex that many people would rather not use them.

I've been using VMware NSX personally for one year now, but I'm a consultant on this product, so I've deployed it for multiple customers.

We've experienced some bugs with NSX's user interface. For example, sometimes we click something, and it's not clicking. But they put out a lot of updates and patches. Also, they've added some particular boards on the applications. So with every update, they make the user interface more stable. 

You can scale NSX if you have the resources, but it's usually expensive and complex to scale up.

VMware support is great. I would rate their support eight out of 10.

The NSX setup is complex. That's one area where they could improve. Generally, it's too complicated to deploy. You can spend two or three days on it. And if you've never done it before, it might take a week. So it takes a relatively long time and lacks comprehensive end-to-end documentation. We had inadequate documentation when we implemented it, but I think it's better now. Total deployment for us took more than two weeks, but there were some breaks in that time where we stopped working on it. We weren't under any deadline. If we were pressed, we could have finished in four or five.

After the initial setup, NSX doesn't require a whole lot of maintenance. It's mostly troubleshooting, checking error codes, etc. There is no dedicated maintenance personnel specifically for NSX. Some guys in the IT department support this solution along with several other solutions. We have about four to five people handling that side of things, but there are six of us in the whole department responsible for infrastructure.

It's hard to judge with new deployments because you need some time to start seeing a return. But after someone has had one or two years to achieve a mature deployment on the product, they'll generally be happy that they spent the money. After a year, I'm beginning to see the return on investment, but everyone would argue that it's still expensive for the first two or three months.

VMware NSX is expensive.

I rate VMware NSX seven out of 10. If you are considering NSX, I suggest that you practice the deployment and know your use case. Know what you want to do with it and understand why you want to use the product. Identify the security features you want to use and consider what it's doing for your infrastructure. We're still exploring the features. I'm not sure we're using all the features that come with the application. There are so many that we have not used. For now, we're looking at more use cases and expanding on that knowledge.

Some of the key features I find most valuable are the highly graphical user interface, virtualization of networks, and Microsoft application compatibility. It has all the functionality that we require.

One drawback is this solution requires a lot of other products in the VMware ecosystem to have a full end-to-end operation orchestration monitoring. You have to buy a lot of add-ons to fully utilize the functionality.

Some additional features in the next release could be for the solution to be more directed toward the end-to-end functions, from physical to virtual monitoring. It should also include streamlined troubleshooting of our operation. 

I have used the solution for approximately two years.

The solution has been stable.

I have found the solution to be highly scalable.

The experience we have had with the solutions technical support has been wonderful.

The setup was straightforward and it took a few weeks.

I would recommend the solution. I would like to point out this is a vendor-lock-in solution, where the user might be confined to a certain vendor for some time before they can move on adopting other vendors. 

I rate VMware NSX an eight out of ten. 

We just introduced NSX in our headquarters. We have it running in some labs, but no real experiences. We've been using it for six months.

Our objective is to know each features component and how it works. Depending on the business requirements, we would adapt the solution as needed. This is the reason why we work a lot from the maps and then anticipate when we need a new feature for our company.

We like that NSX is integrated with everything. 

The load balancing is a real major opportunity for us. As a CIO, we have 99.9% network security. We would like to optimize this product.

The feedback we're getting from the labs is that the stability is rich and that we haven't had any trouble with it. The stability is really, really good.

We didn't use a service for implementation but we have a consultant to help us get a better understanding of NSX and to teach us the best practices. 

To those who say this solution is complex, I would say it is but not for the key user. You just need to learn the standards and mechanics for your specific product. That means that it's simple even if it's really complex beyond that.

The ease in which to install this product and make it work straight away without minimum changes in your physical network and is simply astonishing. The only thing you need to do when installing this product is change your MTU to 1600 (jumbo frames). It provides microsegmentation and good security features for north-south and east-west traffic across your SDDC. The performance you obtain at the virtual layer and traffic crossing for your VMs gets improved dramatically because the traffic doesn't leave the hypervisor. I'm not a network guy myself but NSX makes it really easy to understand how the virtual network pins together and how you can manage the traffic and security within your VMware deployment without the hassle of changing VLANs, adding unnecessary protocols for discovery, etc.

Encapsulating the traffic using VXLAN is a great addition. It extrapolates the number of VLANs that you can stretch to an almost infinite number of VXLAN (millions of VXLANs). In abstract, you are dealing with numerous VLANs every time you want to send traffic from one VM to another, basically VMs on different hosts within the same datacenter will be connected to the same logical switch and traffic is advertised via unicast traffic from the NSX controllers to let every body know in the environment "who is who" to minimize the amount of multicast traffic.

We haven't installed this in our environment yet. We have a major lab to provide our Ci-Dev team a sandpit to test apps and its security when deploying a three-tier application on our customers and test every single connection and performance before handing over the application to the customer.

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

Six months now.

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

A very stable product, it is more mature than it was four years ago when it first came out. The performance you get with this product is near-line rate.

If you have a large environment, the sprawl of Distributed Logical Routers or logical switches can be hard to manage, but you will have the same issues in a physical network.

We have a direct line with VMware support and with the specialized engineer who provides support on NSX. We haven't had to open a support call yet, but the engineer we've dealt with is very capable and knowledgeable on the product.

Excellent. VMware engineers are top of the line. I haven't met one engineer who doesn't know the product well that they support.

Nope, never used a network virtualisation product before.

It was straightforward. Just a couple of install media and .ovf files and you're done. The interesting part comes after installation when you need to define your virtual network architecture and how you're going to deploy rules and connectivity for your VMs.

In-house deployment. We're a large VMware shop and know VMware products well.

Not applicable for this product yet.

We got the licenses from VMware as part of the NFR agreement, but you will require a medium infrastructure to deploy this initially. Lot of memory and CPU are required to have the product run smoothly

No, there are no other products in the market that provide network virtualisation as far as I know.

Download the installer, try it, and you will love it. Some hardcore network administrators will say it is not the same, and of course is not the same, but it is a new way to do things in the network space. It is the way of the future when deploying large networks in Software Defined Data Centres.

We use NSX in our data center. 

We use the NSX firewall which is great. 

I'd like to see more integration with other solutions. 

We've been using this solution for over two years. 

The solution is stable.

The solution is scalable.

I haven't used technical support. 

I recommend this solution and rate it seven out of 10.