I would suggest improving the licensing model of VMware NSX.

The licensing model has become expensive since Broadcom bought VMware, making it costly with no other options to select specific components from the license itself. Customers must buy the whole package even if they do not need all components.

The reporting functionality could be better, and there could be an easier way of forwarding events. There's room for improvement in the product. We don't use it to its full capabilities and much more could be done with it. The pricing for the product is another area for improvement as I'm not satisfied nowadays.

The initial configuration and integration within our existing environment were not easy. The configuration process was a bit complex, specifically during the initial setup.

Based on my experience, I would like to improve VMware NSX, particularly on the visualization side, aiming for improved visibility in the environment.

Function-wise, VMware NSX is performing well, and I don't see any major areas for improvement since most of the functions meet my expectations.

The response time needs improvement, while the quality of support is satisfactory.

The boot times for NSX managers and the time it takes to clear alarms and warnings could be improved. The differences between NSX-V and NSX-T, especially regarding the managers and controllers, can also cause synchronization issues. A faster resolution time would be beneficial.

I cannot think of something specific that needs improvement since our needs are currently covered by VMware NSX. I have no complaints regarding the user interface or any technical issues.

If you had asked when it was NSX V, which was dedicated only for Hyper-V and VMware, I would have said they could open the door for all partners. At the moment, NSX T is complete. Migrating from V to T is very tricky, complicated, and there are a lot of parameters to account for. The pricing is also an issue; it's very expensive and changes all the time. VMware is not easy to negotiate with.

The ticket support response time from VMware could be improved. Often, callbacks are delayed, which can be problematic if the servers are in production.

SecOps does not work for us. Their SecOps is so infant, and it doesn't support AIX that we just can't use it.

Unusable is unusable. So if someone gives it to me for free. I can't use it. The only good thing is they've thought about it, but to me, they've underwritten it and haven't given it the attention to be a real product.

In the next release, they should enhance the visual interface. With NSX-T, it's difficult to communicate between the public cloud and the container. 

The solution could benefit from improvements in its pricing and scalability.

There's generally quite a lack of specialists in this space. One of the challenges as a reseller is that I need technical people to go and offer in-depth conversations about the products. We would engage someone to do that, or we would look for some engineering resources to be able to do the implementation. Unfortunately, there are not a lot of those. There is a massive skill shortage.

It's a good product, but the way that it has got so many multiple levels that need to be purchased makes it expensive and cumbersome. They seem to value shareholders more than customers, but most corporations seem to do that anyway.

We had some issues with the cloud version.

It needs to be cheaper.

We are stopping its use. We won't need it because we'll be using cloud-native.

The solution is only sold as part of a bundle and not as an individual product. Some customers only need vSphere or NSX for their use cases, but account executives focus on bundles so this is a problem. 

Account executives need to talk with both systems and security staff to get a full picture of the environment's requirements. For example, systems staff have no need for the solution so they will never deploy it. 

It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement. 

It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments. 

It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions.

It does not integrate well with many platforms. 

It could be more user-friendly, but it's manageable. When we add a specific node to this particular NSX and the configuration changes, it won't push through the errors where required, but it'll accept it. However, while using it, we will have issues. It can also be more stable. 

A basic load balancer feature was present in a previous version, but the latest version only has an advanced load balancer. The vendor should integrate a basic load balancer in future versions. The advanced load balancer is mostly suitable for system integrators, but it is not usable for our company dimensions. 

One aspect that needs improvement is the need for further automation. We are already operating in a software-defined data center environment, and while the product is mature, there's room for enhancing automation.

I believe we need to attain a certain level of maturity and work closely with multiple customers to make substantial improvements and achieve notable results. The feature it can improve is essentially application-based load balancing with intelligent load distribution for applications that require redundancy and high availability. This feature operates at a micro-level, specifically focusing on the payloads of applications.

To clarify further, I believe that if NSX offers this functionality along with robust security measures for application payloads, it would greatly benefit customers. Instead of investing in additional devices or appliances for load balancing and security, organizations would likely prefer to leverage NSX's integrated capabilities in this regard.

I haven't found any shortcomings. 

It might be nice to have more AI in the future. It would help keep us from redesigning every time. 

I'm not sure where the solution can be improved. 

We did recently need a patch to deal with an outage on NSX.

The price is rather high.

They have some limitations in the firewall features as compared to the on-prem or dedicated hardware appliance. They can add more features, such as IPS and IDS, to the cloud firewall.

The solution could improve by having a more streamlined setup.

The cost of the solution has room for improvement.

It should support Hyper-V also. Nowadays, NSX supports the KVM and ESXi hypervisors only. It should also support Hyper-V and Citrix hypervisors.

There have already been lots of improvements. For example, they edited the intelligent plans and added an advanced load balancer. The latest version, 4.0, really has all the features you need.

It's a bit complex to set up the product.

VMware NSX can improve the migration tools from the older environments to the new environment. For example, the NSX-V has become a legacy solution, it's out of support, but customers are able to keep using it. For migration purposes, it's better for them to provide a proper tool. It will be easy to migrate from an old environment to a new one.

The network-extending capabilities for the physical environment need improvement. Instead of virtualization, the ability to add physical servers to the network could be enhanced.

Since most people are very much used to physical networking, they find it difficult to use VMware NSX in the initial stage.

It could be helpful if the solution's licensing model is based on the number of VMs rather than hypervisors.

Despite being somewhat behind in the cybersecurity field, VMware should develop a cloud and a red team to continuously monitor for new malware and ransomware. They must maintain their own cloud to do their own research, and send the resulting hashes or values to all customers using VMware NSX. This will ensure that each customer is regularly updated with the latest malware and ransomware hashes to keep their systems secure.

Web filtering is a good feature that I would like to have added to the solution.

I would like the ability to limit the bandwidth per virtual machine to ensure that I understand the throughput requirements of any application that is running. This way, I can be protected from the risks of a DoS or DDoS attack, which may require a high level of throughput. This limitation would apply to Layer 4 or Layer 5 of the network.

A room for improvement in VMware NSX is that it has some security vulnerabilities, which means my company has to apply the patches every once in a while.

The setup of the solution could be simplified.

There were some issues in finance and other accounting. The applications there are very old. To move these applications, we had to use some controls or web services for programming in a new program, for example, in Python or visual C#. You have to move these applications to new programming software. It was very, very complex to move them. However, we ended up doing it very well.

ESX servers are a part that they don't implement. The client that this part of the VMware is important. You can implement more virtual machines using ESX server infrastructure. However, they couldn't complete this part since, for some arrangements in the contract, they don't put it in the contract. They need to buy new licenses to complete the project.

The price is pretty high and their product stack forces me to use the feature set compared to all the others out there in the market from India. They could do more with cloud management, I need some third-party tools.

It isn't easy to deploy.

There are always issues integrating with Cisco.

Switching is always a big problem for us because our switch is not supported.

If the integration was more open, then it would be good.

The setup is complex and should be made easier.

There is room for improvement in VMware NSX's workload management, particularly in the orchestration layer and in managing workloads across multiple clouds.

Additionally, where workload management could be improved is in the ability to federate workloads seamlessly between different control panels. For example, if I am using VMware vCenter as my control panel and have partnered with a non-VMware provider, I should be able to manage my workloads as a customer without having to worry about orchestration. This is an area where there is potential for improvement.

NSX's stability could be improved.

The security feature for the Kubernetes environment can be improved.

The non-enterprise version of the solution should be improved.

I want to see the solution expand to more than just the network, for example, perhaps it could provide some VLAN technologies.

VMware NSX should be able to scale for different customers, even the big ones. Its scalability needs improvement. Stability for it should also be improved.

An additional feature I'd like to see in the next release of this product is for it to have more integration with other public clouds.

It's very complex. However, I don't work directly with it typically.

We had started two projects for integration with OpenShift and OpenStack with NSX. It was declared by VMware that this is possible, however, the process is very tricky. The full integration was delayed to wait for a new official release. I don't know the actual stage, as this is something that happened more than a year or two ago. It was the beginning of the pandemic. In any case, the integration with OpenShift, the open-source cloud platform, at the time was in need of work and was (and remains) something required from our customers. 

They have to work more and more on the integration for public cloud services and have cyber security platform integration.

In rare situation there are  mismatch in the control plane data and dataplane data i.e. the details and what you actually see on the transport note. This is rare but time consuming to troubleshoot . Additionally, there could be better integration between VMware Cloud Federation (VCF) and NSX-T. Currently, there are some limitations, for example, VCF allows just one overlay transport zone. Also there is not upgrade path from VCF 3(NSX-T 2.5.x) to VCF 4 (NSX-T 3.x)

Any technical product has its own limitations in one place or another.

Our technical team is always looking for the solutions that they work with to offer more convenient integrations.

There could be an improvement in regards to security. This solution cannot migrate all assets smoothly and continuously, for example, the host

Sometimes the physical hosts are not able to be converted into virtual ones, which needs to be fixed. 

Traffic flow introspection topology visibility is definitely needed because at the moment, NSX-T lacks in this area.

A hardware scan of the ESXi host for possible incompatibilities should be added to NSX-T/vSphere, as it would allow us to know in advance, for example, if a pNIC is not compatible with a version of vSphere before moving forward with an NSX-T deployment. 

It needs a better, integrated migration tool. Something like RestNSX with more elaborate capabilities from a troubleshooting perspective and pre-migration perspective would be an improvement.

I would like to see improvements made to the certification process. As it is now, you have to do the training with VMware itself, and you have to spend a lot of money doing it, which is very discouraging. 

If you compare other certifications especially from the cloud providers, you can get trained from your choice of training providers and not very expensive or learn on your own at your pace, prepare for exams and pass and your certificate will be issued. In contrast, you have to register under VMware to get training done at minimum of $3000 before your certificate is issued to you. The training costs a minimum of $3,000, which is expensive and should be reduced. 

The tool's setup is complex and we need support to implement it. 

The integration with other brands is not the best and could be better.

An area for improvement in VMware NSX is that it uses up more resources and is heavy on the network.

What I'd like to see in the next release of the solution is more automation.

VMware NSX provides a lot of automation capabilities, but there is still room for improvement.

VMware NSX could improve by having more compatibility with other none Window-based operating systems.

VMware NSX needs improvement.

NSX could better integrate with open-source products. Of course, it integrates with some, but I know many people are uncomfortable deploying NSX with certain open-source solutions, such as Radar. They don't integrate so well, and the integration is usually so complex that many people would rather not use them.

I cannot recall coming across any missing features. At this time, there is nothing I would need in a future release. 

Occasionally the licensing is not very clear. They should make it easier to understand. 

NSX-T supports more platforms, and VMware NSX only supports some platforms like KVM. I want to see support for Hyper-V and other hypervisors.

Their technical support could be faster as well.

Their licensing model should make it easier to purchase licenses.

One of the areas that we are struggling with is how do we perform the same security level as we had for an NSX solution for the legacy system. For example, if I have a switch, and I am connecting a legacy application on the legacy system that does not support the hyper vision or another feature, is possible to push the security topic to the switches to be compliant, or compliant with an NSX component, and to perform the same security level as we perform for hyper vision side. It would be beneficial for us if there was better integration with legacy systems.

In the future, the solution should be compliant with internet NIC. They could deploy this NIC into some switches, servers, or other product. It would be interesting to have this sort of NIC stamped by VMware, and we could push some security feature into it. It would be a very useful feature. I do understand VMware is virtual and not on a physical device path but this would be a good endeavour.

One drawback is this solution requires a lot of other products in the VMware ecosystem to have a full end-to-end operation orchestration monitoring. You have to buy a lot of add-ons to fully utilize the functionality.

Some additional features in the next release could be for the solution to be more directed toward the end-to-end functions, from physical to virtual monitoring. It should also include streamlined troubleshooting of our operation. 

There is always room for improvement, in any solution. 

In some cases, this product is very technical. 

Some configuration maximums are limiting to the user, especially when it comes to the deployment of very, very large environments. There are limits to the number of firewall rules, security groups, et cetera. With the number of security groups, you can nest all these limits, however, somehow limiting the use cases may be restrictive for the free design of different use cases.

The technical support could use some improvement.

The product is quite complex and that could be an area where improvements could be made. 

• NSX Manager console: limit on number of NSX Controllers an architecture can have
• Support for ESXi, KVM, bare-metal servers, Kubernetes, OpenShift, AWS and Azure.
• Integrate NSX Controllers into NSX Manager as a single virtual appliance so controllers no longer need to be deployed independently.
• Directs to vCenter by registering Transport Nodes instead of registering NSX Manager inside of vCenter.
• Use a more modern overlay technology for encapsulation that performs better and is more flexible for the future over older, more traditional VXLAN overlay technology.

The routing functionality needs to be improved, as there are lots of bugs in the system.

I would like to see automation capabilities in the deployment process.

Everybody needs a network to connect to, and VMware doesn't readily provide one. It is reliant on an existing network to connect to, which means that for me, it requires two different teams to manage the SDN.

It could be cheaper!

We would to have a reverse proxy. This would add great value to the solution. 

We would also like better integration with the standards on the market. For example, with OSPF, their integration in NSX is very low. It's not a full OSPF integration. It is too thin from a protocol perspective.

The product need to be improved. It is too complex.

• vRNI
• Improve integration with many third-party solutions, because only Palo Alto and Check Point, and VMware would be like improve this integration with other vendors.

I would like to see some more add-ons on the security features. 

I would like them to make integration with other vendors easier.

At the moment it hasn't helped us prolong our hardware refresh.

We would like tenant segmentation available in future releases.

If you start with a new or greenfield environment, it is okay to implement. However, if there are other solutions already in place, it can be difficult to implement.

I would like to have automating reporting built into common service management platforms, such as JIRA, Serviceaide, and ServiceNow. 

The engineering team has room for improvement. They should have more of a Knowledge Base about different case studies and should develop more advanced features. These kinds of improvements will change the way things get done.

I would like to see extended performance charts in other versions of NSX. For example, CPU usage, memory usage, and bandwidth usage on NSX.

I would rate this product an eight because it's a good product but it needs more work. They should fix some of the bugs.

The next release of NSX should try to make Kubernetes and container integration a little easier than it is now. It's quite a complicated process.

I would rate this solution an eight because it doesn't have Kubernetes integrations yet, and it isn't multi-federated. Those are some of the things that need to be added to the product. 

The solution is quite complex. You need to keep your thinking cap on and know what you are doing: Go to the training and listen to the solution architects when they come in because they have a lot of knowledge. 

There is a concern and some confusion around who owns NSX in the end, whether it's the network team or the VMware team. There is not much confusion about this anymore, but there was at the start. Would it be owned by the network team, who might never even have seen VMware before, but would understand firewall rules? Or would it be owned by your average VMware person? As far as someone else putting it in, make sure you know who is going to own it, and they have the staff and the capabilities to cover it.

We would like them to improve the deployment time.

The management console also needs a bit of improvement.

It should be more adapted to the physical side of network topology in order to prevent unavailability.

Just being more knowledgeable about the different functions. I think the product is fine. It's just learning more about the product, and how you can benefit from it, and what it's got to offer.

There is one feature I'm finding with VMware which is special for us from IBM with JIRA routing protocols. This is in the future that they are planning, especially right now with our compatible AWS. AWS is good, understood, except for the software to improve, probably with Amazon right now doing this partnership. VMware and access are going to be improved for that.

So far, what I've seen here at VMworld, it seems to be improving just the same line as everything else. It's going to expand, grow and grow and grow. It's going everywhere. It's not just going into "I'm using the V version of NSX," but it's going out to every environment. It's going out to all the clouds so that even if you have the V, you can also use the cloud part and put it into there, so it seems to be growing where it needs to go.

It still needs to grow. There are still some features that it doesn't do, like it doesn't do multicasting. It does do some multicasting, but it's within their own infrastructure, but multicasting in general, it doesn't do.

• Going through and getting more features sets from the routing protocols is definitely necessary for the future.
• Being able to properly manipulate BGP
• Getting multiprotocol BGP into the stack
• A little bit better redistribution

As a CCIE, I like to have all my tool sets, and there are some things which NSX is missing right now.

It's missing some more advanced features. As an engineer, we need those tools. We need to be able to manipulate routes. We need to be able to set traffic the way that we need it to be. Especially as we interact with other vendors, sometimes it makes it difficult to have to do some workarounds. Once VMware flushes out the RFC for things like BGP and OSPF, it will be better.

They could branch out to the physical layer. Today, it's just the virtual layer, and they're starting to talk about the physical layer. We'd like to see the physical layer incorporated.

So the third-party marketplace is growing and growing for this product and being able to redirect traffic to them, to the third-party products in order to take advantage of those additional features, is wonderful.

I think that one of the more important things to see better integrated into the NSX product would be an IDS/IPS type solution, which right now we're handing off to a third-party, which sometimes doubles the cost of the product. However, there are new products that we're learning about over the course of this week like AppDefense, that may actually help provide some additional capabilities in terms of that IDS/IPS type structure.

Pricing and licensing could be improved as we are a government entity. Lower pricing could always help.

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

Speed of the NSX Controllers while deploying sometimes gets a bit slower which can be improved, overall its a great product

Lastline's reports can sometimes be very complicated and somehow leaves users with lots of technical information that cannot be easily digested. A more presentable reporting should be provided. However, this is not a weakness and their reporting is only suitable for people with certain technical knowledge.

Lastline itself is a complicated product to navigate through, although it provides a lot of details to the users. This was a feedback from one of our customer here during the POC stage. Users may be required to be technically sound to understand what Lastline has provided to them. What I mean by "a more presentable reporting" is that Lastline should provide a more user readable format of the report; perhaps more visual storyline of their process?

They just announced added Mac OS X support, which I didn't get to test. 

I'd like to see more integration with other solutions. 

The solution can improve by making it more straightforward, easier to install and maintain in the environment.