VMware Network Insight

Date post: 25-May-2020
Transcript
Page 1

Confidential │ ©2018 VMware, Inc.

May 2019

Network Analytics and Monitoring

vRealize Network Insight

Višnja Radoš

Senior NSX Specialist

Page 2

Users

Private Data Centers

VMs, Containers, Microservices

Branch Offices

Public Clouds

Telco Networks

Things

vRealize Network Insight

Security Planning & Network Visibility Across the Virtual Cloud Network

VMware Network Insight

Page 3

VMware Network Insight

Accelerate application security and networking across private, public, and hybrid clouds

Use Cases

Plan Application Security and Migration

• Accelerate micro-segmentation deployment

• Troubleshoot security for SDDC, native AWS, and hybrid applications

• Minimize business risk during application migration

Optimize and Troubleshoot Virtual and Physical Networks

• Reduce mean time to resolution for application-connectivity issues

• Optimize application performance by eliminating network bottlenecks

• Audit network and security changes over time

Manage and Scale NSX

• Scale across multiple NSX managers

• Boost uptime by proactively detecting misconfiguration errors

• Ensure compliance for NSX

Page 4

The Virtual Network Assessment (FREE)

Assessment of security risks and recommendations

• Powered by VMware Network Insight

• No NSX required at this time

• Easy-to-install virtual appliance sets up in minutes

• Profile traffic in your data center – East-West vs North-South, Switched vs Routed, VM-VM or within a host.

• Identify anomalous flows

• Roll over into full installation

• Generate risk assessment report

• Includes top talkers and micro-segmentation blueprint

• Report also available post-purchase in full product

Page 5

Plan Application Security and Migration

Page 6

Going from Discovered to Saved

Application Discovery Results

Hover: App details with name, tiers & member VMs. Quick save button

Discovered App List, includes Unclassified VMs.

Results based on this regular expression


Page 7

The Awesomesauce!

Application Dashboard

• New Application Dashboard

• Displays inter- and intra-application communication using network flows

• Shows any issues with VMs inside tiers

• Shows physical network hardware (ToR) which this application is dependent on

• Dashboard also shows events related to this application, metric graphs (network rate, CPU, memory, disk) and top talkers, and has a shortcut to the security planner

Page 8

5 Steps to Application-Centric Micro-segmentation

Download the complete guide at vmware.com/nsx/security

1. Assess current environment: FREE Virtual Network Assessment Available!

2. Deploy NSX Data Center: NO changes to your current physical network!

3. Identify Application Boundaries: Discover services, applications and their boundaries!

4. Get Recommended Firewall Rules: Application Rules Manager in NSX helps provide application level rules!

5. Repeat, Monitor, Troubleshoot: Deploy micro-segmentation starting with most critical apps first!

NSX Data Center and vRealize Network Insight for Micro-segmentation Nirvana!

Page 9

Security Policy Automation – Micro-Segmentation

• Discover vCenter and NSX constructs (folders, clusters, VLANs, security tags)

• Automated Security Groupings Based on vCenter and NSX Constructs, Workload Characteristics, Ports, Common Services

• Recommended Security Policies / Firewall Rules (Zero-Trust Model)

• Support for physical IP addresses in micro-segmentation planning

• Grouping by IP Set available

• See Network Traffic Per Host, Per VM

• Export as CSV or XML, with a single click for all rules associated with a security group, applications or tiers

Group By IPSet. Show physical and virtual addresses

Export all rules

Page 10

Plan Security across virtual and physical infra

• Physical flows available for application and micro-segmentation views

• Available within the flows UI and for micro-segmentation planning

• Flows UI - Filter on Source/Destination DNS and L2

• New entity - IP Endpoint

– Covers IP addresses learned from NetFlow

• Enriched NetFlow data available through Infoblox integration

– Examples: flows where Source Dns Domain = 'app.arkin.net'

– IP Endpoint where DNS Domain = 'app.arkin.net'

• New option in Applications – Custom IP Search

Custom IP Search dropdown uses enriched fields

Page 11

Plan Security Consistently across Private and Public Clouds

Add AWS credentials

• AWS CloudWatch VPC Flow Logs

– 1 million free API calls per month

• Support for VPC, firewall rules, security groups, VMs, flows, tags

• Visualize flows by VPC, Security Groups or Tags

Analyze flows for AWS VPCs and Security Groups

Page 12

Optimize And Troubleshoot Virtual & Physical Networks

Page 13

Data Paths Across Overlay And Underlay

NSX Firewall

PANW Virtual FW

PANW Physical Firewall

Physical Network

Switch, Router

VXLAN

VLAN

Converged Infrastructure (Ex: UCS)

Connectivity Graphs

• VM to VM, VM to Physical, VM to Internet

• Hop-by-Hop Path across Overlay (LDRs, Edge Gateways) and Underlay (Physical VDCs & VRFs). See V-To-P Boundary

• Correlated Problems And Performance Metrics Across Virtual and Physical

• See Effective Firewall Rules and Security Policies across NSX and PANW in Service-Chained Environment

• Support for NAT instance hops

Page 14

VM Underlay Visualizations

Choose VM and VNIC entities to display within the path

Visualization will update to reflect chosen entity

Powerful visualization into VM connectivity to networking underlay to quickly pinpoint bottlenecks and points of failure

Page 15

Flow Analytics

• Gain insights into the datacenter based on flow data

• Use cases: optimize your network, monitor new services, and detect outliers

• Visualization of Top Talkers by VM, Subnet, Source-Destination pair etc.

• The "What's New in last 1 day" section contains information such as:

– New Virtual Machines accessing internet

– New internet services accessed

– New internal E/W services accessed

– New internal services accessed from internet

– New services with blocked flows

– New firewall rule hits

• Visualization of Outliers

– Elephant Flows

– Custom visualization of outliers

Quickly view top talkers

Page 16

Manage and Scale NSX

Page 17

NSX Infrastructure Monitoring and Troubleshooting

NSX Manager Dashboards With Powerful Visualizations

• View NSX Manager topology, including NSX services and vCenter as well as underlay connections

• Topology view flags elements with issues; single click to view issues for any element in the topology

• Comprehensive information on alerts, color-coded by severity, including recommendations for fix

• Archive important events

Indicates Issues

Color coded by severity

Page 18

PCI Compliance Dashboard

• Helps assess the PCI compliance for the NSX-V environment

• Provides analysis of data for specific PCI sections

• New search keyword "PCI compliance of" introduced

• Available only in vRNI Enterprise license or NIaaS

Open from Security Menu

Also choose scope using search

Choose the assessment scope

PCI sections used for analysis

Page 19

Demo: https://field-demo.vrni.cmbu.local/#home/

