Micro-segmentation with NSX-T (part 2: Methodology in action)

Now that we have learned the theory in Microsegmentation with NSX-T (part 1: methodology), we can look at the application of this methodology in practice. Methodology in action So after all this, let's see a little bit of this methodology in action. First of all, it is important to know which traffic is flowing in …

Continue reading Micro-segmentation with NSX-T (part 2: Methodology in action)

Microsegmentation with NSX-T (part 1: methodology)

After a number of blogs on network-virtualization, I thought it was time to start writing some blogs on another of the major three use cases: Security, through micro-segmentation. In my line of work most organizations where I implement NSX (first V and now T) are primarily interested in the security aspects of the product. In …

Continue reading Microsegmentation with NSX-T (part 1: methodology)

Distributed Multi-Tier Routing in NSX-T

I learned something today, which in hindsight is obvious. Hopefully this helps someone that runs into the same "strange" (but not so strange) behavior. I created the following topology today, to prepare for some NSX-T demo I am giving tomorrow: What I (among other stuff) wanted to show, was that routing between Test-Segments "D" and …

Continue reading Distributed Multi-Tier Routing in NSX-T

Install a signed certificate for vRealize Network Insight

Within our demonstration environment (the PQR Experience Center), we are running a multitude of SDDC-products from VMware. Most of them have been signed by a CA-based certificate, but today we found out that our vRNI server is still running with the self-signed certificate. Time to change this! I have looked at the procedure at https://kb.vmware.com/s/article/2148128, …

Continue reading Install a signed certificate for vRealize Network Insight

Integrating NSX-T with Active Directory for RBAC (through VMware Identity Manager)

So after using NSX-T for a while, with the built-in admin account, it is time to look into using RBAC for some granular control over who is allowed to do what, within NSX. So with NSX-T it isn't as straight forward as it was in NSX-V. Integrating logins with AD requires a bit more work. …

Continue reading Integrating NSX-T with Active Directory for RBAC (through VMware Identity Manager)

Resetting expired admin password on NSX-T

So apparently it has been 90 days since the deployment of NSX-T and therefor, time for the admin password to expire ;): Unfortunately, this doesn't give you the opportunity to login and then change the password (a feature I would really appreciate), but a reset is necessary. In the online documentation (https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.4/administration/GUID-8816B842-2EC4-40A8-A618-F68DB29FABD2.html) the reset is …

Continue reading Resetting expired admin password on NSX-T