When designing an IT architecture that implements secure operations and data protection, HCI systems make it easy. These platforms integrate storage and networking with their computing assets as opposed to legacy three-tier systems, which often have dedicated storage and network infrastructures.
HCI also simplifies architecture, allowing it to share—with the same network infrastructure—traffic related with business workload, as well as internal traffic and storage-related traffic.
In this condensed approach, design is key in terms of system accessibility and security. An improper network configuration (in terms of performance and security) impacts user access to their hosted workloads, storage availability, workload performance, and whole-system performance.
Integrating more automation in the network configuration and security into the process makes it easier for systems to perform as designed. It also helps configurations affecting the entire Dell HCI portfolio to follow best practices. Dell vSAN Ready Nodes, Dell VxRail, and Dell PowerEdge (configured to host vSAN based workloads) fall under these design criteria.
Note: Network design information is available in the MX7000 vSAN Ready Node Deployment guide
The typical network design of these systems is usually based in VDS network architectures, and Distributed Port Groups.
As an HCI system, VxRail supports VMware NSX. VMware NSX provides tremendous value for increasing cybersecurity in data centers, with features including micro-segmentation and AI-based behavioral analysis and prevention of threats.
Although NSX is fully validated with VxRail as a part of VMware Cloud Foundation (VCF) on VxRail platform, setting it outside of VCF might require strong networking skills. The comprehensive capabilities of this network virtualization platform may be overwhelming for VMware vSphere administrators who are not networking experts.
For example, assume an administrator only wants to consume the security features. This is a common challenge, especially for organizations that are deploying small VxRail environments with a few nodes and do not require a full VCF implementation on the VxRail stack.
VMware recognizes these challenges and offers a simplified method to deploy NSX for security use cases. This method fits the improved operational experience our customers expect with VxRail. The experience is possible with the VMware vCenter plug-in for NSX, which is introduced in this document.