When asked about their experience with previous NSX-T versions, many customers would likely agree that deploying the environment is a considerable lift from their side. They would also say that, once installed, the management, operating network, and security function results are simplified.
Still, a heavy lift can become a major block for small- and medium-sized companies, which has been addressed in the NSX-T 3.2 version. It is consumed as a vCenter plug-in and deployed with the assistance of vCenter wizards to help alleviate that deployment effort.
In traditional NSX scenarios where customers were satisfied with the security features coming from NSX, if they wanted to benefit from the Distributed Firewall (DFW) functionalities, they had to migrate their VMs to NSX-backed dvportgroups. This scenario is reflected in the following figure:
This has changed dramatically with NSX-T 3.2 and the vCenter plug-in. Now, customers can benefit from the security features that can run in a regular VDS without having to implement the networking components. This new architecture is depicted in the following figure.
The updated NSX-T 3.2 is a vCenter-based workflow that guides the vSphere admin through the deployment of NSX security. The required steps are as follows:
These steps will be detailed in the following section, along with an example of how a customer may implement it in their environment.