Please enable Javascript for better experience...
 
VMC on AWS - NSX Core Capabilities in VMware Cloud on AWS
By Pranay Jha | Sep 25, 2020 | In Articles | Total Views [ 43 ]
(0 Like)
Rate

Networking and Connectivity

Networking for VMware Cloud on AWS

  • Deploy networks and define subnets and gateway for virtual machines resided in Cloud SDDC.
  • You can create L2, L3, and Isolated Networks.
  • You can use for enabling DHCP for network segments.
  • You can also use for DHCP Relay.
  • You can create multiple DNS zones in NSX.
  • Provides distributed Routing.
  • It provides Source NAT (SNAT) to all workloads in Cloud SDDC to enable Internet access.
    • By default, internet is blocked at Edge firewall, but you can enable it if required.

Networking for On-Premises

  • Direct connect to forward all the traffic between On-Prem to Cloud SDDC.
  • Provides Policy-based IPSEC VPN capability to connect to on premises, VPCs, or other SDDCs.
  • Provides Route-based IPSEC VPN to connect to on premises, VPCs, and other SDDCs. BGP is utilized to automatically learn networks and can be used to provide;
    • An active/standby VPN connectivity model for additional redundancy.
    • ECMP VPN connectivity model to provide additional bandwidth and redundancy.
  • Provides L2VPN to extend L2 domain from On-premises to Cloud SDDC without IP address change.
    • HCX can also be used to extend L2 network between on-premises to Cloud SDDC.
  • Connect to AWS Transit Gateway.
  • Connects to AWS offerings such as EC2, S3, RDS.

Security

  • Provides Edge firewall for Compute and Management Gateway.
  • Provides NSX Distributed Firewall for Cloud SDDC.
    • Provides protection for east/west traffic within SDDC.
    • Enables Micro-Segmentation to protect workloads.
  • Provides grouping objects for Edge firewall and DFW.
  • Provides Role Based Access Control (RBAC).

Operations

Provides below features for operational tasks.

  • Port Mirroring
  • IPFIX
  • DFW IPFIX
  • NSX APIs

All these capabilities from Networking and Connecitivity, Security, and Operations are listed in below table.

Categories

Features

Networking and Connectivity

  •         Policy Based IPSEC VPN
  •         Route Based IPSEC VPN with Redundancy
  •         ECMP for Route Based IPSEC VPN
  •         Rote Based IPSEC VPN as Standby for Direct Connect
  •         L2VPN
  •         Direct Connect Private VIF for all traffic
  •         Native AWS Services Access – Connected VPC
  •         Distributing Routing
  •         Network Segment Creation from Console
  •         DHCP and DHCP Relay
  •         NAT
  •         DNS Zones

Security

  •         Distributed Firewall
  •         Edge Firewall
  •         Security Groups (IP Address, VM Instance, VM Name, Security Tags)
  •         Role Based Access Control (RBAC)

Operations

  •         Port Mirroring
  •         IPFIX
  •         DFW IPFIX
  •         NSX-T APIs – Public and Private Endpoints
  •         NSX-T APIs – API Explorer Integration

Thanks for visiting here. Share this article if you found it useful.
Like Facebook Page https://www.facebook.com/VMwareInsight/
Connect to twitter https://twitter.com/imPranayK
Subscribe my Channel https://www.youtube.com/vmwareinsight
Connect over Linkedin https://in.linkedin.com/in/impranayk
Share this on Social Media

About the Author

Pranay Jha
Pranay Jha
Founder, Contributer VMwareInsight.com

Public profile: user/profile/99900000


Follow me

facebook linkedin twitter G+ VMTN youtube

Thank you for visiting my profile. I am Pranay Jha, bring along a total of 11+ years of extensive experience with me in Information Technology sector for organizations from small business to large enterprises, wherein my current assignment I am associated with IBM as a Technical Solution Architect for Virtualization platform. I am vExpert x 3 (16/17/18), VCIX-DCV, VCAP5/6-DCD, VCAP5-DCA, VCP7-CMA, VCP5/6-DCV, VCA-DCV, VCA-Cloud, VSP, VCE-CIA, MCITP, MCSE, MCSA(Messaging). I am also an Independent blogger and founder of http://vmwareinsight.com and https://cloudpathshala.com. I can be reached via email at pranay1988jha@gmail.com or Direct Message via Contact Us form.

 
Please SignUp/Login to comment...

Or comment as anonymous...
* Name
* Email ID
Comment
 
Sponsors
 
 
 
 
 
Facebook Likes