NSX 3.2 Release Notes – Simple Digest

Major release that has lot of new features

Switch agnostic distributed security

  • Ability to extend micro-segmentation to workloads deployed on vSphere networks.

Gateway Security:

  • Enhanced L7 App IDs, Malware Detection and Sandboxing, URL filtering, User-ID firewall, TLS inspection (Tech Preview) and Intrusion Detection and Prevention Service (IDS/IPS).

Enhanced Distributed Security:

  • Malware detection and Prevention, Behavioural IDS/IPS, enhanced application identities for L7 firewall.

Improved integration with NSX Advanced Load Balancer (formerly Avi):

  • Install and configure NSX ALB (Avi) from NSX-T UI; Migrate NSX for vSphere LB to NSX ALB (Avi).

NSX Intelligence 3.2

  • Not a virtual appliance anymore, but must be deployed in a Kubernetes cluster
  • New scale out architecture, Migration from Appliance to Application platform, vRLCM integration, Data collection selective settings
  • Workload view and canvas view enhancements, Group re-use and section re-use Recommendations, network traffic analysis

Application Platform (Modern Microservices)

  • Intelligence, NDR, Malware Prevention, Metrics

Configuration Maximums

  • Federation locations increased from 4 to 8
  • Federation hypervisor hosts across all locations increased from 650 to 1024
  • AD Domains increased from 4 to 8
  • IPv6  now supported with 1,00,000 routes per edge
  • OSPF supported
  • Gateway & Distributed firewall increased more than double

NSX for vSphere to NSX-T Migration: 

  • Major enhancements to the Migration Coordinator to extend coverage of supported NSX for vSphere topologies and provide flexibility on the target NSX-T topologies

NSX-T 3.2 Upgrade Issues

AVI Integration, Guidance and Path Forward

  • Avi basic is has feature parity with NSX Native LB
  • Review Avi Basic vs Enterprise feature difference
  • License – NSX 4xSockets = AVI 1xvCPU
  • Scale issues with licensing
  • Recommend for Avi enterprise license

Related Posts

Scroll to Top