Author: VM Dave

VMware NSX Distributed IDS Walkthrough

VMware NSX Distributed IDS was introduced with NSX-T 3.0. This feature allows you to enable intrusion detection capabilities within the hypervisor to detect vulnerable network traffic. This distributed mechanism can be enabled on a per VM and per vNIC of a VM basis with granular rule inspection. As part of this feature set, the NSX … Continue reading VMware NSX Distributed IDS Walkthrough →

Prepare Clusters for VLAN Micro-segmentation with NSX-T 3.0

One of the new features in NSX-T 3.0, is a wizard to quickly implement VLAN based micro-segmentation. A misconception with NSX, is that you have to deploy Software Defined Networking to leverage micro-segmentation. That is not the case if you just want to secure workloads backed by VLAN's. Check out the release notes for a … Continue reading Prepare Clusters for VLAN Micro-segmentation with NSX-T 3.0 →

Migrating VMs to VMC on AWS with HCX

I recently presented a TAM Lab session demonstrating how to migrate workloads to VMC on AWS with HCX. Also reviewed how to configure Public IPs, NAT, Gateway & Distributed firewall rules to allow external connectivity. Check out the session below. The purpose of TAM Lab is to provide in-depth technology workshop sessions led by VMware … Continue reading Migrating VMs to VMC on AWS with HCX →

HCX Performance Testing Tool

Photo by Denys Nevozhai on Unsplash One of my Networking & Security TAM customers recently asked me a question. "How do we test HCX performance?" When performing Bulk Migrations with HCX, the migrations were taking longer than they expected. HCX Perftool to the rescue! For a quick overview, see this VMware KB article Steps to Run Perftest in … Continue reading HCX Performance Testing Tool →

Working with NSX Firewall Saved Configurations

Photo by Zan on Unsplash NSX-T features some usability improvements when it comes to saving firewall configurations, or drafts. In this post I'm going to walk through how you can leverage this feature. An example use case is a business that has a change control policy mandating administrators can only publish Distributed Firewall updates outside of core … Continue reading Working with NSX Firewall Saved Configurations →

Solved – Problem registering vCenter & NSX with HCX

I was in the process of installing HCX in my lab, and ran into an issue connecting my vCenter Server and NSX environment. While trying to connect, received the following error "PKIX path building failed: java.security.cert.CertPathBuilderException: Unable to find certificate chain" Couldn't find a solution online, so thought I'd publish a quick blog post detailing … Continue reading Solved – Problem registering vCenter & NSX with HCX →

Installing AppDefense for vSphere Platinum – Step by Step

VMware AppDefense takes a new approach to application security. What if, instead of “chasing bad” we started by “ensuring good”? Here are some resources I recommend you review to learn more about AppDefense, and the benefits. Excellent Session from VMworld 2018 - Transforming Security in a Cloud and Mobile World (SEC3730KU). You’ll also see a … Continue reading Installing AppDefense for vSphere Platinum – Step by Step →

Creating a Security Audit Dashboard with vRealize Network Insight

Introduction In this post, I'm going to walk you through step by step, how to create a Pinboard(aka Dashboard) in vRealize Network Insight(vRNI) to provide a summary of recent security related changes in your environment. Customers initially invest in vRNI is to assist with micro-segmentation planning along with NSX. Check out this great blog over … Continue reading Creating a Security Audit Dashboard with vRealize Network Insight →

Troubleshooting HCX

VMware HCX was announced at VMworld Europe 2017. Use cases for the solution include Infrastructure Hybridity & Workload Mobility. See the official product page and this blog post or more information In this post I'm going to walk through some basic steps to validate and troubleshoot NSX Hybrid Connect, a.k.a HCX utilizing diagnostic tools built … Continue reading Troubleshooting HCX →

Increasing NSX-T Operational Visibility with vRealize Log Insight

A critical(and sometimes overlooked) component of any infrastructure implementation is operational visibility. Its is important for troubleshooting, alerting and auditing purposes to send logs to a central location. For NSX-T, this is where vRealize Log Insight and it's NSX-T Content Pack come in. Description from the VMware Solution Exchange "The NSX-T Log Insight Content Pack provides operational and … Continue reading Increasing NSX-T Operational Visibility with vRealize Log Insight →