
VMware NSX-T Data Center 2.5.0 is now GA and available for download, less than one month after the announcement.

NSX-T Data Center 2.5 provides a variety of new features for virtualized networking and security across private, public, and hybrid clouds.

For more information on what’s new see the release notes.

This release is another step toward fully replacing NSX-v; NSX-T 2.4 was already mature enough to start moving to the new product before the end of support of NSX-v.

This new release focuses on these main areas:

  • Analytics and visibility to provide continuous data-center wide visibility for network and application security teams helping deliver a more granular and dynamic security posture, simplify compliance analysis, and streamline security operations.
  • Cloud security with a new deployment and operational mode referred to as the Native Cloud Enforced mode.
  • Security enhancements and compliance, including FIPS 140-2 compliance!
  • Operational simplicity with a single view of networking services and security policies that are applied to all workloads, whether on VMs running in a private data center, or workloads hosted in AWS or Azure.

[Figure: Key focus areas in NSX-T 2.5]

The most promising news is NSX Intelligence v1.0, a new NSX analytics component. NSX Intelligence provides a user interface via a single management pane within NSX Manager, and offers the following features:

  • Close to real-time flow information for workloads in your environment.
  • NSX Intelligence correlates live or historic flows, user configurations, and workload inventory.
  • Ability to view past information about flows, user configurations, and workload inventory.
  • Automated micro-segmentation planning by recommending firewall rules, groups, and services.

But there are tons of new features and improvements.

For example, NSX-T 2.5 adds more Layer-7 capabilities for the distributed and gateway firewalls. This includes support for:

  • Layer-7 AppID support for distributed firewall on KVM.
  • Layer-7 AppID support for gateway firewall.
  • Multiple Layer-7 AppID configuration in a single firewall rule.

Also very interesting is the support for single-cluster designs with fully collapsed Edge+Management+Compute VMs, powered by a single N-VDS, in a cluster with a minimum of four hosts.

The typical reference designs for VxRail and other cloud provider host solutions prescribe 4x10G pNICs with two host switches. One switch is dedicated to Edge+Management (VDS), whereas the other is dedicated to compute VMs (N-VDS). Two host switches effectively separate the management traffic from the compute traffic. However, with the trending economics of 10G and 25G, many small data center and cloud provider customers are standardizing on hosts with two pNICs. Using this form factor, small data centers and cloud provider customers can build an NSX-T based solution with a single N-VDS, powering all the components with two pNICs.