VMware NSX Reviews

The most valuable part of NSX is it's very scalable and automated. Our change request time is really low.

For the most part, it's very stable.

The only hiccup is sometimes during an upgrade, there are hurdles that you can have during that time, but overall it's very stable.

Since we're almost 100% virtual, it's been very scalable for us.

Sometimes, it can be difficult to get to a higher level engineer if you need to, but it takes some work to make that case. Usually it happens, but it's a little difficult.

It seems to be very straightforward. Usually a lot of it's handled by the installer. Yeah, very straightforward. As long as you read the design guide, it's easy.

An important reason for selecting was VMware because they're the hypervisor we use and we see them to be a very valuable asset in purchasing something like NSX, and because they're the owner of the hypervisor and they have direct access into the hypervisor. That's very valuable for us. We foresee it being a very reliable product into the future.

An important reason for selecting was VMware because they're the hypervisor we use and we see them to be a very valuable asset in purchasing something like NSX, and because they're the owner of the hypervisor and they have direct access into the hypervisor. That's very valuable for us. We foresee it being a very reliable product into the future.

They developed the hypervisor, which is very valuable to us, because it has saved us a lot of money just on the micro-segmentation piece. That's basically all we use at this point, but the product has more than paid for itself just with that part of the product.

NSX is extremely invaluable from the standpoint of security.

It does have capabilities of micro-segmenting a network, being able to create smaller segments of various types of applications separated by various tiers.

However, what it's mostly important for is being able to actually set security policies right at the interfacing virtual machine, which we haven't had the ability to do in the past.

So the third-party marketplace is growing and growing for this product and being able to redirect traffic to them, to the third-party products in order to take advantage of those additional features, is wonderful.

I think that one of the more important things to see better integrated into the NSX product would be an IDS/IPS type solution, which right now we're handing off to a third-party, which sometimes doubles the cost of the product. However, there are new products that we're learning about over the course of this week like AppDefense, that may actually help provide some additional capabilities in terms of that IDS/IPS type structure.

There are elements that have been added to it over the years, but its history goes way back with vShield, and has been included in products like vCloud Director, etc. To be honest with you, I've deployed it over the past five to six years and I've had nothing but great success with it.

From a tech support standpoint, as with most VMware text support, the people that we get a hold of on the phone are generally very knowledgeable of the product and have the ability to actually help us through whatever issue we have. We try not to spin our wheels too much. We do try to dig in as much as we can, but as soon as we understand we've gone beyond our limitations we get them on the phone and we've never had an issue trying to get the support we need.

It's a complex product so setup is essentially as easy as the person whose knowledge is being used to install it. There are various elements to it. It can be installed in modules - in a modular fashion. You don't have to install everything right away. And, unfortunately, with this particular product, when you read through all the marketing materials it sounds like it has to be installed completely when, in fact, you can start out with only the pieces you need and add what you need - the other pieces - later as needed.

I always have a hard time giving a ten to anything. I think everything needs improvement. So that's why I would give it a solid eight out of 10.

Security. Our Trend platform runs off NSX.

We use the solution strictly for security.

Roughly six months.

We didn't have this issue, but I would recommend to others looking at this solution to make sure that their hardware is compatible.

It seems to be taking care of our whole environment. It seems to be pretty scalable.

I have not used it, but my coworker has. Every time he talks to them, they're easy to get a hold of; very knowledgeable and they solve his issues right away.

If you put in a trouble ticket, they contact you very quickly (in response). If there is a problem, it usually isn't around very long. They jump on it, fix it, and it's done.

We were on McAfee, and we switched to Trend. We switched to Trend because Trend supports virtual environment a lot better than McAfee does.

Trend migrated in a way that it will only work with NSX. The older version of Trend that we were on worked without NSX. The newer version does not. Now, we use NSX in conjunction with Trend.

We upgraded Trend to keep up-to-date and all the security loopholes closed.

Most important criteria when selecting a vendor:

• They have to be able to support the environment you're running.
• The service and support is a big must. We work at an Enterprise level, so sometimes you can't go with the little new guy. You need that 24 hour service and support, seven days a week. It is very important for us.

The ability to scale from different clouds. At the moment, the scalability of the product is the number one thing that I saw.

Right now, we're doing a private cloud, since we're government. In the future, we may want to look at public, but probably not. 

It has the potential to improve the way we function by having our different clouds be able to easily communicate back and forth. Right now, it takes a lot of work to do collaboration from our test lab, to our production, and to do anything in-between. It has the potential of giving us streamline migrations from the test lab to production.  

Pricing and licensing could be improved as we are a government entity. Lower pricing could always help.

We just got it.

About five to 10 people set new products up and we kick them down the road all the time. As soon as we see something real good we call in some users and it gets big. They call their managers and it grows; it's like a wildfire.

But it will start off as a spark, and I'm the spark.

It is pretty good. It cuts down on duplication. Right now, I have tools in the lab, have tools in pre-prod, and have tools in production. 

Right now and well in the future, if we implement it, we'll be able to have the same tool set be applied through all regions and transfer and not have duplication. It will outline and teach our users how to operate them. Therefore, we will have one set of tools, one set of instructions, and they can operate in all three environments. 

Scalability definitely looks awesome. Again the three environments we'll be able to use one set of tools. Everybody would be familiar with it. It won't operate this region and a different way in another region because it's from another vendor, where one set of tools would be able to pass throughout all of our regions. 

Our scale right now is about 60 users (the production and the customer).

We had multiple solutions.

We were making do with what we had, but again, going to different conferences and seeing what other people were using. We got curious and our vendor said, let's demo it. So, we made time for it, and after we made time for the demo, we realized we should have been doing this two years ago.

I was involved in the initial setup. It was straightforward. We did it with our government PFE.

We do have partners, who are knowledgeable, did offer to come in and set it up for us. We had access to our online lab from our vendor, so they had to set it up, connect it, demo it, and see how it runs. Though, we set ours up. 

Dell EMC and Symantec.

It's a solid product. Very easy to use out-of-the-box. It didn't have a steep learning curve, and we're still finding things that we can add-on. 

I would encourage anyone looking to buy the solution to demo it in a lab, or come to a conference and see it. They should see how it would fit in their environment, and don't be overwhelmed or overworked by adding another solution because the results pays off.

Most important criteria when selecting a vendor:

• Price
• Security
• Meeting the application requirements.
• Technical support.

The ease in which to install this product and make it work straight away without minimum changes in your physical network and is simply astonishing. The only thing you need to do when installing this product is change your MTU to 1600 (jumbo frames). It provides microsegmentation and good security features for north-south and east-west traffic across your SDDC. The performance you obtain at the virtual layer and traffic crossing for your VMs gets improved dramatically because the traffic doesn't leave the hypervisor. I'm not a network guy myself but NSX makes it really easy to understand how the virtual network pins together and how you can manage the traffic and security within your VMware deployment without the hassle of changing VLANs, adding unnecessary protocols for discovery, etc.

Encapsulating the traffic using VXLAN is a great addition. It extrapolates the number of VLANs that you can stretch to an almost infinite number of VXLAN (millions of VXLANs). In abstract, you are dealing with numerous VLANs every time you want to send traffic from one VM to another, basically VMs on different hosts within the same datacenter will be connected to the same logical switch and traffic is advertised via unicast traffic from the NSX controllers to let every body know in the environment "who is who" to minimize the amount of multicast traffic.

We haven't installed this in our environment yet. We have a major lab to provide our Ci-Dev team a sandpit to test apps and its security when deploying a three-tier application on our customers and test every single connection and performance before handing over the application to the customer.

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

Six months now.

The upgrade process is okay overall, but we have encountered issues every time when upgrading with the ESXi hosts VIB installation packages not being properly deployed, and after upgrading NSX manager, the ESXi hosts still uses the old version. This causes additional steps to manually remove those old VIBs from the ESXi, reinstall them, and try again. In some cases, we had to uninstall and install them from scratch NSX and restore from backup, which in a real world scenario won't be desirable to do. You would like to have an in-place a seamless upgrade from one version to another, especially if you are changing minor versions (e.g., 6.3.1 to 6.3.2).

A very stable product, it is more mature than it was four years ago when it first came out. The performance you get with this product is near-line rate.

If you have a large environment, the sprawl of Distributed Logical Routers or logical switches can be hard to manage, but you will have the same issues in a physical network.

We have a direct line with VMware support and with the specialized engineer who provides support on NSX. We haven't had to open a support call yet, but the engineer we've dealt with is very capable and knowledgeable on the product.

Excellent. VMware engineers are top of the line. I haven't met one engineer who doesn't know the product well that they support.

Nope, never used a network virtualisation product before.

It was straightforward. Just a couple of install media and .ovf files and you're done. The interesting part comes after installation when you need to define your virtual network architecture and how you're going to deploy rules and connectivity for your VMs.

In-house deployment. We're a large VMware shop and know VMware products well.

Not applicable for this product yet.

We got the licenses from VMware as part of the NFR agreement, but you will require a medium infrastructure to deploy this initially. Lot of memory and CPU are required to have the product run smoothly

No, there are no other products in the market that provide network virtualisation as far as I know.

Download the installer, try it, and you will love it. Some hardcore network administrators will say it is not the same, and of course is not the same, but it is a new way to do things in the network space. It is the way of the future when deploying large networks in Software Defined Data Centres.

I have worked on NSX for the last couple of months and I Liked Distributed Logical Switching, Distributed Logical Router and Distributed Firewall the most.

We have deployed it in a virtual environment and it saved a lot of time and effort for us to configure.

Speed of the NSX Controllers while deploying sometimes gets a bit slower which can be improved, overall its a great product

Last few months.

No issues.

No issues.

No issues.

Satisfied.

Satisfied.

No.

We are a Partner and we have deployed it for our customer.

Open APIs allow seamless integration with other products. Eventhough Lastline does not provide an end-to-end solution like their rivals, namely McAfee, TrendMicro and Symantec, Lastline excels by providing their APIs so that they could be integrated with other security products.

With Lastline, the effort to put in into the protecting the users against zero-day threats and malware can be subsequently reduced. It's accuracy and analysis reports on the objects are what all the other vendors should make an example of.

Lastline's reports can sometimes be very complicated and somehow leaves users with lots of technical information that cannot be easily digested. A more presentable reporting should be provided. However, this is not a weakness and their reporting is only suitable for people with certain technical knowledge.

Lastline itself is a complicated product to navigate through, although it provides a lot of details to the users. This was a feedback from one of our customer here during the POC stage. Users may be required to be technically sound to understand what Lastline has provided to them. What I mean by "a more presentable reporting" is that Lastline should provide a more user readable format of the report; perhaps more visual storyline of their process?

I have been using and performing POC on Lastline for my customers for around 1 year.

No issues.

No stability issues.

Lastline has no issue with scalability as it is by far the more scalable amongst APT solutions.

Lastline support has yet to fully penetrate into the SEA market. Their responses may come from their Sales and System engineers instead of their support team.

As mentioned, their system engineers are very well trained and experience enough to answer most of the technical and product inquiries thrown at them.

No.

Initial setup is very straightforward for cloud-based deployment. For on-premise deployment, it will require some UNIX-based commands knowledge.

Lastline is not a cheap product if compared with their competitors. I wish they could do something about the pricing as it is very hard to convince the customers on such a model.