VMware NSX Distributed Firewall

Quick recap:

The VMware NSX Distributed Firewall can be used for micro-segmentation. There are no choke points and there is scale-out performance up to 20 Gbps.

It acts like firewall on the vNic. Each vNic has it’s own rule set. Performance is close to line-rate. Traffic Redirection is possible to 3th party.

Of course there is the Rest API.

DFW is a stateful engine.  During a VMotion the state table is migrated tand is in place before the VM arrives on the destination host

Published by

Michel van Kessel

Specialist in Data Center Infrastructure Designs and Cloud Designs. CCIE Data Center #44197 #CiscoChampion

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s