VMware NSX-T Data Center is the next-generation product that provides a scalable network virtualization and micro-segmentation platform for multi-hypervisor environments, container deployments, and native workloads. It has not yet reached feature parity with NSX-v, but the gap is closing fast, and several new features and capabilities are available ONLY on NSX-T.
And the product is growing fast: NSX-T Data Center 2.2.0 was released in June, and now there is the new NSX-T Data Center 2.3.0 release (see the release notes).
NSX-T Data Center 2.3 is an incremental upgrade release that enhances the new multi-hypervisor platform delivered for cloud and containers.
The big news in this release is bare-metal support, which covers Linux-based workloads running on bare-metal servers and containers running on bare-metal servers without a hypervisor. In this way, NSX-T can really span different types of workloads and environments.
NSX-T Data Center leverages Open vSwitch to enable any Linux host to be an NSX-T Data Center transport node. This allows users to network bare-metal compute workloads over VLAN- and overlay-backed connections, and to enforce micro-segmentation policies (stateful Layer 4 enforcement) for Virtual-to-Physical and Physical-to-Physical communication flows.
Supported Linux distributions are:
- RHEL 7.4 (native compute workloads and Docker Containers using Kubernetes and RedHat OpenShift Container Platform)
- RHEL 7.5 (Docker Containers using Kubernetes and RedHat OpenShift Container Platform)
- CentOS 7.4 (native compute workloads only)
- Ubuntu 16.0.4 (native compute workloads only)
NSX-T 2.3 also has some cloud-specific enhancements:
- Support for AWS Deployments: NSX Cloud support for AWS workloads.
- Automatic NSX Agents Provisioning in Azure VNETs
- VPN Support Between On-Premise to Public Cloud: includes built-in VPN capabilities within the NSX Cloud Public Cloud Gateway using APIs. You can use the VPN capabilities to create IPSEC links between the following:
  - Managed compute Amazon VPCs/Azure VNets and third-party service VMs in transit Amazon VPCs/Azure VNets
  - Managed Amazon VPC/Azure VNET and an on-premise VPN device
- Expanded OS Support for NSX Cloud Agent: NSX Cloud supports RHEL 7.5 operating systems in the public cloud.
There are also several security enhancements:
- Service Insertion Support on Tier-0 and Tier-1 Routers: includes the ability to onboard third-party security solutions, deploy a High Availability third-party security solution at Tier-0 or Tier-1 or both and insert the third-party security solution via redirect policy.
  Check the VMware Compatibility Guide – Network and Security for the latest certification status of third-party solutions on NSX-T Data Center.
- Multiple Section Support in NSX Edge Firewall: adds multiple sections in the NSX Edge Firewall for ease of manageability
- Firewall Rule Hit Count and Rule Popularity Index: monitors rule usage and enables quick identification of unused rules for clean-up
- Firewall Section Locking: enables multiple security administrators to work concurrently on the firewall
- Grouping Objects: supports an object to be added to a group if it matches all five specified tags, which was previously two tags
- Tag Length: increases tag length value from 65 to 256 and tag scope from 20 to 128
And much more. So it’s not a minor release but it’s a big step with huge improvements and enhancements.
For more information, see also: Announcing general availability of VMware NSX-T Data Center 2.3.0
Will NSX-T become the main NSX Data Center product and replace NSX-v at some point? Probably yes, but it will require more time.
But it’s quite clear that NSX-T is becoming a better product, with an independent management plane that makes it more flexible for managing multiple hypervisors (though it still does not have native Hyper-V support) and multiple clouds. And it’s mature enough.
Considering the support and lifecycle of NSX-v 6.x, we have to assume that this migration or shift will not happen before 2020.