The most valuable feature for me is the different views that you can get when selecting an application or a VLAN. It shows you the traffic flows. It gives you a visual representation of something that, in text, just may not make as much sense.
Whenever we say "valuable" with respect to the network, it's more towards the security. The firewall rule issues it shows us and the recommendations that we get from vRNI are the most valuable features because they are actually making our network more secure.
It allows you to see traffic that you couldn't otherwise see, which is traffic within your Layer 3-bounded network, meaning east-west traffic. It's hard to get that any other way.
It has really tightened down the security. That was something that we were lacking. It has also given us deep visibility into our network. We can really get down and see all of the traffic within the data center, between the VMs, between the applications, database servers, other application servers, web servers. We can identify everything that is communicating, and we can see it all on one product.
Enterprise Solutions Architect at a healthcare company with 5,001-10,000 employees
Sep 2, 2018
The solution is extremely intuitive and user-friendly. When you log in to the application you are presented with a dashboard that is very reasonable for an initial user, and you can then customize it to your specific needs. But for all the data that we've found, we've only had to go through two or three drill-downs to get into that information.
Systems Engineer at a insurance company with 501-1,000 employees
Aug 29, 2018
I like being able to see the flows coming in and out of the product. In terms of monitoring network flows, we use it to verify whether or not different servers/applications should be communicating with each other.
Network Administrator at Modern Woodmen of America
Sep 2, 2018
I'd like to see better support for being able to search the hardware NetFlow data. It ingests fairly well, but you can't tell, in a lot of cases, what source the data came from. I'd like to see more support for picking specific sources. That way you could really make a compelling use case. There are also some difficulties where it can't exactly trace the path between source and destination but if you hit the reverse flow on the same search it shows the entire path.
When we talk about those micro-segmentation rules, there's an Export function. It is very macro-segmentation oriented instead. So if you choose an application, it will find the tiers within that application and say that it's communicating on, say, port 80 to a separate VLAN. There might be 200 machines in that other VLAN. You don't want to open port 80 at all of them. So we need a lot more granularity in those suggested firewall rules.
While it's not exactly a feature, what normally happens when we are trying to look at the VM flow portion is - although Network Insight does have options to integrate a few physical switches into it - we can't really get an end-to-end flow of the network. We might be using a few switches that are not supported by Network Insight. That is where they can improve, in the support for more physical switches and network devices.
VMware NSX Engineer at a tech services company with 201-500 employees
Sep 3, 2018
The only real improvement they can make is to add more third-party vendors into the environment, mostly switch manufacturers, because it's really limited to Cisco equipment and there are a lot of companies out there other than Cisco.
Systems Engineer at a insurance company with 501-1,000 employees
Aug 29, 2018
It needs to be a little easier to use and to understand the information it's putting out. That would make it more helpful. If you're not a network person you need to understand things like network policies and concepts. If you gave it to a regular admin, it would be nice if it were easier for them to pick up what is going on, understand the flows and whether or not stuff should be talking to each other, as opposed to just port groups and IP addresses.
There could be some deeper analytics into packet inspection and trace flows. It could use some kind of machine learning to look at Layer 7 traffic for potential malware or corrupt packets.
Staff SYS Admin at a manufacturing company with 1,001-5,000 employees
Aug 29, 2018
After you use it for a little while you become accustomed to it but the layout doesn't feel very intuitive. You have to dig around and find the exact place where you can find the information, where you can actually see your east-west traffic, etc. I would like them to bring that information more to the forefront, instead of having to find it.