Confidential │ ©2018 VMware, Inc.
May 2019
Network Analytics and Monitoring
vRealize Network Insight
Višnja Radoš
Senior NSX Specialist
Users
Private Data Centers
VMs, Containers, Microservices
Branch Offices
Public Clouds
Telco Networks
Things
vRealize Network Insight
Security Planning & Network Visibility Across the Virtual Cloud Network
VMware Network Insight
Accelerate application security and networking across private, public, and hybrid clouds
Use Cases
Plan Application Security and Migration
• Accelerate micro-segmentation deployment
• Troubleshoot security for SDDC, native AWS, and hybrid applications
• Minimize business risk during application migration
Optimize and Troubleshoot Virtual and Physical Networks
• Reduce mean time to resolution for application-connectivity issues
• Optimize application performance by eliminating network bottlenecks
• Audit network and security changes over time
Manage and Scale NSX
• Scale across multiple NSX managers
• Boost uptime by proactively detecting misconfiguration errors
• Ensure compliance for NSX
The Virtual Network Assessment (FREE)
Assessment of security risks and recommendations
• Powered by VMware Network Insight
• No NSX required at this time
• Easy to install virtual appliance sets up in minutes
• Profile traffic in your data center – East-West vs North-South, Switched vs Routed, VM-VM or within a host.
• Identify anomalous flows
• Roll over into full installation
• Generate risk assessment report
• Includes top talkers and micro-segmentation blueprint
• Report also available post-purchase in full product
Plan Application Security and Migration
Going from Discovered to Saved
Application Discovery Results
Hover: App details with name, tiers & member VMs. Quick save button
Discovered App List, includes Unclassified VMs.
Results based on this regular expression
The Awesomesauce!
Application Dashboard
• New Application Dashboard
• Displays inter- and intra-application communication using network flows
• Shows any issues with VMs inside tiers
• Shows physical network hardware (ToR) which this application is dependent on
• Dashboard also shows events related to this application, metric graphs (network rate, CPU, memory, disk), top talkers, and has a shortcut to the security planner
5 Steps to Application-Centric Micro-segmentation
Download the complete guide at vmware.com/nsx/security
1. Assess current environment: FREE Virtual Network Assessment Available!
2. Deploy NSX Data Center: NO changes to your current physical network!
3. Identify Application Boundaries: Discover services, applications and their boundaries!
4. Get Recommended Firewall Rules: Application Rules Manager in NSX helps provide application level rules!
5. Repeat, Monitor, Troubleshoot: Deploy micro-segmentation starting with most critical apps first!
NSX Data Center and vRealize Network Insight for Micro-segmentation Nirvana!
Security Policy Automation – Micro-Segmentation
• Discover vCenter and NSX constructs (folders, clusters, VLANs, security tags)
• Automated Security Groupings Based on vCenter and NSX Constructs, Workload Characteristics, Ports, Common Services
• Recommended Security Policies / Firewall Rules (Zero-Trust Model)
• Support for physical IP addresses in micro-segmentation planning
• Grouping by IP Set available
• See Network Traffic Per Host, Per VM
• Export as CSV or XML, with a single click for all rules associated with a security group, applications or tiers
Group By IPSet. Show physical and virtual addresses
Export all rules
Plan Security across virtual and physical infra
• Physical flows available for application and micro-segmentation views
• Available within the flows UI and for Mseg planning
• Flows UI - Filter on Source/Destination DNS and L2
• New entity - IP Endpoint
– Covers IP addresses learned from NetFlow
• Enriched NetFlow data available through Infoblox integration
– Examples: flows where Source Dns Domain = 'app.arkin.net'
– IP Endpoint where DNS Domain = 'app.arkin.net'
• New option in Applications – Custom IP Search
Custom IP Search dropdown uses enriched fields
Plan Security Consistently across Private and Public Clouds
Add AWS credentials
• AWS CloudWatch VPC Flow Logs
– 1 million free API calls per month
• Support for VPC, firewall rules, security groups, VMs, flows, tags
• Visualize flows by VPC, Security Groups or Tags
Analyze flows for AWS VPCs and Security Groups
Optimize And Troubleshoot Virtual & Physical Networks
Data Paths Across Overlay And Underlay
NSX Firewall
PANW Virtual FW
PANW Physical Firewall
Physical Network
Switch, Router
VXLAN
VLAN
Converged Infrastructure (Ex: UCS)
Connectivity Graphs
• VM to VM, VM to Physical, VM to Internet
• Hop-by-Hop Path across Overlay (LDRs, Edge Gateways) and Underlay (Physical VDCs & VRFs). See V-To-P Boundary
• Correlated Problems And Performance Metrics Across Virtual and Physical
• See Effective Firewall Rules and Security Policies across NSX and PANW in Service-Chained Environment
• Support for NAT instance hops
VM Underlay Visualizations
Choose VM and VNIC entities to display within the path
Visualization will update to reflect chosen entity
Powerful visualization into VM connectivity to networking underlay to quickly pinpoint bottlenecks and points of failure
Flow Analytics
• Gain insights into the datacenter based on flow data
• Use cases: optimize your network, monitor new services, and detect outliers
• Visualization of Top Talkers by VM, Subnet, Source-Destination pair etc.
• What’s New in last 1 day section contains information such as:
– New Virtual Machines accessing internet
– New internet services accessed
– New internal E/W services accessed
– New internal services accessed from internet
– New services with blocked flows
– New firewall rule hits
• Visualization of Outliers
– Elephant Flows
– Custom visualization of outliers
Quickly view top talkers
Manage and Scale NSX
NSX Infrastructure Monitoring and Troubleshooting
NSX Manager Dashboards With Powerful Visualizations
• View NSX Manager Topology including NSX services and vCenter as well as underlay connections
• Topology view flags elements with issues, single click to view issues for any element in the topology
• Comprehensive information on alerts, color coded by severity, including recommendations for a fix
• Archive important events
Indicates Issues
Color coded by severity
PCI Compliance Dashboard
• Helps assess the PCI compliance for the NSX-V environment
• Provides analysis of data for specific PCI sections
• New search keyword PCI compliance introduced
• Available only in vRNI Enterprise license or NIaaS
Open from Security Menu
Also choose scope using search
Choose the assessment scope
PCI sections used for analysis
Demo: https://field-demo.vrni.cmbu.local/#home/