We use the solution for NSX-T Manager and the customer wanted to have the firewall rules in order to achieve micro-segmentation. To analyze their environment, we use vRealize Network Insight which provides us with all the firewall rules for traffic to and from. This is why we use vRealize Network Insight.
The best feature of this application is its ability to capture everything within the same application, as well as capture all the traffic. Essentially, the solution is capable of capturing anything that happens outside of the network port.
I thought that when we deployed vRealize Network Insight in our environment, we had to wait for four weeks or so for the solution to capture all the traffic in and out from each connected component. Then, we had to extract the data into an Excel format and analyze it. After that, we had to manually enter the data into NSX-T Manager. If there was an integration between vRNI and NSX-T Manager, we could extract all the firewall rules directly from NSX-T Manager. This would cut the workload in half since we would not have to manually enter the same data into both systems. In my experience, the main purpose of vRNI was to obtain firewall rules for NSX-T Manager. If this was integrated, it would have been much easier, since the documentation work was too much. vRNI captures all traffic in and out, so the file can become huge if we have many components and machines in our environment. Integration would help identify the legitimate ports on vRNI and extract the final rules to push them directly to NSX-T Manager, which would make the task much easier.
The only issue we have is that the solution does not always capture the host names. We asked VMware for an explanation and they provided us with some reasons. Ideally, the DNS name should be captured; however, when we extracted the data into an Excel sheet, we found that around 20 to 30 entries only had IP addresses. Therefore, we had to manually track those IP addresses and then input their hostname and username to identify what the IP address represented. It seems that something may not have captured this part, but there was a reason for it, and that has room for improvement.
I have used the solution for six months.
I used the solution for a few months and never encountered any issues; there were no glitches, nothing at all. Therefore, I can say the solution was completely functional.
I believe the solution is scalable, but for our environment, it was sufficient. In a much larger environment, they may need to deploy additional nodes. I am uncertain about the scalability, but I think it should be possible to add more nodes to the environment. For our environment, however, what we had was more than enough, so we never considered deploying additional nodes.
There were two or three of us working on the solution. I was primarily responsible for the main task, but it was important to have a backup in the company.
VMware itself was deploying this solution. They provided us with support in the backend for the deployment, and it was really good. Furthermore, VMware support is always helpful and competent in their work for other solutions as well.
The initial setup is straightforward. Deploying the appliance and running the wizard to complete the configuration is simple and not challenging.
We completed the deployment in two days, and after two days everything was in place. We then left the solution running for four weeks, as per our company policy for the client. Four weeks is a good amount of time to capture all the traffic in the environment. The deployment should have been shorter, but we encountered issues unrelated to vRNI, such as authentication, which prolonged the process. I believe the deployment should have taken only a few hours.
The implementation was completed in-house with the support of VMware on the backend.
I give the solution a nine out of ten.
I definitely recommend the solution, as it was my first time using it and I really felt it captured all the necessary elements of the environment. The main benefit is that vRealize Network Insight captures micro-segmentation, which is one of the best products from VMware. The solution helps micro-segmentation achieve its purpose.
When comparing vRealize Network Insight to other solutions such as SolarWinds and other monitoring tools, vRealize Network Insight is more user-friendly.