You have options regarding segmenting the VxRail network traffic at the VMware VDS level. You can configure the required VxRail networks to a single VMware VDS, or you can deploy a second VMware VDS to isolate the VxRail management network traffic and the VxRail non-management network traffic.
If your company or organization has stringent security policies regarding network separation, splitting the VxRail networks between two VMware VDS enables better compliance with those policies, and simplify redirecting the VxRail management network traffic and non-management network traffic down separate physical network paths.
- Place all the required VxRail network traffic and guest network traffic on a single VMware VDS.
- Use two VMware VDS to segment the VxRail management network traffic from the VxRail non-management traffic and guest VM network traffic.
- Deploy a separate VMware VDS to support guest virtual machine network traffic.
VxRail supports either a single VMware VDS or two VMware VDS as part of the initial implementation process. If your security posture changes after the VxRail cluster initial implementation has completed, a second VMware VDS can still be deployed, and the VxRail network traffic can be redirected to that second VMware VDS. Any additional VMware VDS beyond two switches, such as those for user requirements outside of VxRail networking can be deployed after initial implementation.