At VMworld 2017, VMware was rather heavy on the NSX side of things, claiming that integrating clouds and improving edge connectivity will need a software-defined networking (SDN) component to work effectively. VMware’s SDN solution is NSX. This bold announcement by Pat Gelsinger, VMware CEO was met with caution from customers and partners.
This year, the realisation that this was correct has hit the industry. I knew that networking had to change and become software-defined to meet demanding deployment and scaling demands for the enterprise but for SMB’s NSX was something that didn’t make sense as there really was no requirement for this feature set. Instaling a couple of firewalls was much easier and cheaper.
Having attended VMworld 201, this year, the realisation that NSX is a must for SMBs hit home for me. “Security is broken” was the quote of the day. There are so many challenges that businesses have to deal with when it comes to networking and security that it makes sense to at least evaluate an SDN solution.
What does SDN solve?
Considering that “the app is everything”, we do everything for the app (Storage, Compute, Network, DR, Security etc.) We don’t run hypervisors because we can, we run them to provide a place for applications inside virtual machines to operate so it makes sense that the focus should be on the application.
With that said we need to look at all of these “silos” and see what can be improved from various standpoints. To start, security has new issues. No longer is traditional antivirus enough to secure applications from external threats. The dominance of threats such as crypto-locker and the increasing intelligence of hackers has shifted the focus of security-conscious companies.
Bringing the network into software allows us to be smarter in preventing threats such as these and NSX is a great platform to use considering it’s market leadership and it’s ability to run within existing vSphere environments, managed from a single pane of glass and supported by a vendor that you already have a relationship with.
NSX, running in software can securely segregate virtual machines and their applications without having to act like a traditional gateway. It is now possible (and has been for a number of years) to use micro-segmentation to protect applications within the same network.
Taking this concept one step further, combine NSX with something like AppDefense lets us utilise machine learning and analytics to detect threats based on historical issues and other metadata. This combination is the future in application security.