Enhancing your Data Center Security with VxRail
Fri, 28 Jul 2023 22:16:57 -0000
|Read Time: 0 minutes
Related Blog Posts
Learn About the Latest Major VxRail Software Release: VxRail 8.0.000
Mon, 09 Jan 2023 14:45:15 -0000
|Read Time: 0 minutes
Happy New Year! I hope you had a wonderful and restful holiday, and you have come back reinvigorated. Because much like the fitness centers in January, this VxRail blog site is going to get busy. We have a few major releases in line to greet you, and there is much to learn.
First in line is the VxRail 8.0.000 software release that provides introductory support for VMware vSphere 8, which has created quite the buzz these past few months. Let’s walk through the highlights of this release.
- For VxRail users who want to be early adopters of vSphere 8, VxRail 8.0.000 provides the first upgrade path for VxRail clusters to transition to VMware’s latest vSphere software train. Only clusters with VxRail nodes based on either the 14th generation or 15th generation PowerEdge servers can upgrade to vSphere 8, because VMware has removed support for a legacy BIOS driver used by 13th generation PowerEdge servers. Importantly, users need to upgrade their vCenter Server to version 8.0 before a cluster upgrade, and vSAN 8.0 clusters require users to upgrade their existing vSphere and vSAN licenses. In VxRail 8.0.000, the VxRail Manager has been enhanced to check platform compatibility and warn users of license issues to prevent compromised situations. Users should always consult the release notes to fully prepare for a major upgrade.
- VxRail 8.0.000 also provides introductory support for vSAN Express Storage Architecture (ESA), which has garnered much attention for its potential while eliciting just as much curiosity because of its newness. To level set, vSAN ESA is an optimized version of vSAN that exploits the full potential of the very latest in hardware, such as multi-core processing, faster and larger capacity memory, and NVMe technology to unlock new capabilities to drive new levels of performance and efficiency. You can get an in-depth look at vSAN ESA in David Glynn’s blog. It is important to note that vSAN ESA is an alternative, optional vSAN architecture. The existing architecture (which is now referred to as Original Storage Architecture (OSA)) is still available in vSAN 8. It’s a choice that users can make on which one to use when deploying clusters.
In order to deploy VxRail clusters with vSAN ESA, you need to order brand-new VxRail nodes specifically configured for vSAN ESA. This new architecture eliminates the use of discrete cache and capacity drives. Nodes will require all NVMe storage drives. Each drive will contribute to cache and capacity. VxRail 8.0.000 offers two choices for platforms: E660N and the P670N. The user will select either the 3.2 TB or 6.4 TB TLC NVMe storage drives to populate each node in their new VxRail cluster with vSAN ESA. To learn about the configuration options, see David Glynn’s blog.
- The support in vSphere 8 in VxRail 8.0.000 also includes support for the increased cache size for VxRail clusters with vSAN 8.0 OSA. The increase from 600 TB to 1.6 TB will provide significant performance gain. VxRail already has cache drives that can take advantage of the larger cache size. It is easier to deploy a new cluster with a larger cache size than for an existing cluster to expand the current cache size. (For existing clusters, nodes need their disk groups rebuilt when the cache is expanded. This can be a lengthy and tedious endeavor.)
Major VMware releases like vSphere 8 often shine a light on the differentiated experience that our VxRail users enjoy. The checklist of considerations only grows when you’re looking to upgrade to a new software train. VxRail users have come to expect that VxRail provides them the necessary guardrails to guide them safely along the upgrade path to reach their destination. The 800,000 hours of test run time performed by our 100+ staff members, who are dedicated to maintaining the VxRail Continuously Validated States, is what gives our customers the confidence to move fearlessly from one software version to the next. And for customers looking to explore the potential of vSAN ESA, the partnership between VxRail and VMware engineering teams adds to why VxRail is the fastest and most effective path for users to maximize the return on their investment in VMware’s latest technologies.
If you’re interested in upgrading to VxRail 8.0.000, please read the release notes.
If you’re looking for more information about vSAN ESA and VxRail’s support for vSAN ESA, check out this blog.
Author: Daniel Chiu
Simplifying Security Operations for Dell HCI Platforms with NSX
Thu, 08 Sep 2022 16:58:04 -0000
|Read Time: 0 minutes
Today, most technology companies in the IT space work to offer customers not only the best technology innovations but also those that help simplify their day-to-day lives.
One example of this is the new vCenter plug-in for NSX-T, introduced with vSphere 7.0 Update 3c and NSX-T 3.2. Through this new deployment method for NSX-T, management and operations users can now use NSX-T as a plug-in for vCenter, similar to how earlier versions of NSX were configured. Through wizard-assisted operations, security policies can easily be configured, deployed, and operated within vCenter.
Figure 1. The new vCenter plug-in for NSX-T simplifies security deployment and operations
For Dell HCI platforms such as VxRail, vSAN Ready Nodes, and PowerEdge servers hosting vSAN-based workloads, NSX becomes an optimal network and security engine.
Figure 2. Dell HCI platforms such as VxRail or vSAN Ready Nodes become the perfect targets for the new vCenter plug-in
The whole process is simple. It can be completed by following these steps:
- Install NSX-T Manager and provide a license key.
- Install the new method to configure and operate NSX security, the vCenter plugin for NSX.
- Configure the distributed firewall policies for the HCI cluster:
a. Define infrastructure services as needed (DNS, DHCP, custom…).
b. Create the environment to consume the defined infrastructure services. - Define how the elements in the environment can communicate with each other.
- Define communication strategies for applications in the environment.
- Review and verify the defined security policies before they are published and effective.
Figure 3. Defined NSX security rules can be reviewed before going live
If you want to learn more about how simple security operations can become with the new vCenter plug-in for NSX, take a look at this video.
Author: Inigo Olcoz
Twitter: VirtualOlcoz
References
- VxRail Info Hub
- vSAN Ready Nodes Info Hub
- HCI Security Simplified: Protecting Dell VxRail with VMware NSX Security
- Simplifying Security Deployment and Operations for Dell HCI Platforms
- Video: Simplifying HCI Security with the New vCenter Plug-in for NSX