VMware NSX Reviews

We host citizen-centric portals. They are web portals where citizens can enter and fetch data. For example, we have tax-related portals, health-related portals, and education-related portals. These are social welfare portals, and for that, we use AWS services.

NSX helps us by making IT management and operations more efficient. When VMs spin off from the DC to the DR site, all required settings on the network level are handled automatically.

The most valuable feature of NSX is the ease of configuration. It handles automatic configuration of IP addresses and network settings during VM migrations between data centers.

The ticket support response time from VMware could be improved. Often, callbacks are delayed, which can be problematic if the servers are in production.

We have been using NSX for almost one year.

NSX is stable and reliable. I would rate its stability between eight or nine out of ten.

NSX is quite scalable. I would rate its scalability as eight out of ten.

The customer support from VMware could be more responsive, as sometimes callbacks are delayed, causing delays in addressing critical issues.

Positive

We did not switch from another solution to NSX. We have been using VMware products, including vSphere, for many years.

The initial setup of NSX was complex, but with the help of an experienced vendor and support from VMware, we managed to configure it successfully in a short time.

We had an experienced vendor help with the implementation and received good support from VMware during the setup.

VMware has moved to a bundled pricing model, which means we are sometimes forced to pay for features we don’t use. This has increased our overall costs.

We evaluated Azure and other solutions, but we preferred AWS.

I recommend NSX because it simplifies IT operations and management, especially for data center network configurations.

We use the solution to establish a connection between our two sites using the same IPs. This is our primary use case.

Segmentation, specifically micro-segmentation, and also for its extended service between sites to keep the same IP address on all sites are valuable features of the solution for our company.

The solution could benefit from improvements in its pricing and scalability.

I have been using VMware NSX for two years. Also, I am using VMware NSX-T 1.0

It is a stable solution. Our company is migrating from VMware NSX-T 1.0 to VMware NSX-T 3.0.

In terms of scalability, I would rate the solution a seven out of ten. Currently, VMware NSX is being used extensively in my company by approximately 1,000 end-users.

When our company contacts VMware's technical support, we open a ticket for our support request. In the past, we escalated issues to VMware support and raised tickets to receive resolutions.

The solution's initial setup process was easy.

The implementation process for the solution was executed with the assistance of our organization's in-house team.

Regarding the deployment process, we begin with the manager and the product. Next, we deploy the controller and proceed with the requirements of UA6. Subsequently, we configure the DLR, ULS, or UDL.

I don't look over the pricing and licensing of the solution.

Before our company decided to go with VMware NSX, we evaluated VMware vRA and VMware vRO.

The solution is highly recommended for those with similar use cases as our company, given its features and the exceptional support it offers. The solution's prompt and responsive support team makes it a reliable option. Overall, I rate the solution an eight out of ten.

I used to sell the solution as a bundled package. My role was to find the best solutions for customers from various vendors and work with our pre-sales and solution architecture departments to present these options. I provided high-level advice and my colleagues provided technical details. 

Our customers used the solution for segmentation and automation to secure workloads in their lower computing layer. One customer was CaixaBank, an important financial institution in Spain. 

The dashboard is comprehensive and easy to use. 

The solution integrates perfectly with F5, Check Point, and other applications. Integration with vendors is very important for customers. For our CaixaBank deployment, the solution performed these integrations which included defining, automating, and applying different rules and security functionalities. 

The solution is only sold as part of a bundle and not as an individual product. Some customers only need vSphere or NSX for their use cases, but account executives focus on bundles so this is a problem. 

Account executives need to talk with both systems and security staff to get a full picture of the environment's requirements. For example, systems staff have no need for the solution so they will never deploy it. 

I have been familiar with the solution for three years. 

The solution is very stable. 

The solution is scalable and can handle deployment to thousands of devices with no issues. 

Technical support is very, very good. Staff work hard to understand new functionalities or bug fixes that are released monthly. 

The setup depends on the project scope. For example, CaixaBank's project had a very large scope that was divided into many different parts. Deployment took one year but the project is still ongoing. 

Good deployments depend on an assessment phase where you talk with different departments before defining objectives. Discussions should occur both with systems and security staff. With proper pre-assessment, the solution operates and integrates perfectly. 

The pricing is higher than other options from Palo Alto, Fortinet, and Cisco because it is sold in a bundle. 

Customers do not know the individual price of the solution so they compare the package pricing to competitors. The solution should offer stand-alone pricing so it can be accurately compared to other options. 

There are many solutions in the market that offer similar functionality and characteristics. 

Palo Alto, Fortinet, and Cisco offer lower prices because they are considered legacy. Segmentation is very detailed so many customers prefer legacy options for peace of mind. 

The solution is a very, very good product that is perfect for customers who have good technical support. 

I recommend the solution and rate it a seven out of ten.

The solution is mainly used for rolling virtual environments and private clouds. I use the product for my company and for other customers.

It's important to have whenever I need to segment or control the traffic from virtual machine to virtual machine. This was not the case without the NSX.

NSX is good in managing security or controlling the security and the access control for each single VM. 

It is essential and it can be useful up to a certain level of access control. That said, if we need further detailed or further security features, we should use another product like Palo Alto or Fortinet or other competitors.

It integrates with certain vendors like Palo Alto seamlessly.

The product is stable. 

We can scale the solution. 

It's just access controlled. It should be leveraged by adding more detailed, deep security products to facilitate the NXS. The security needs improvement. 

It's not feature-rich. It's not doing many tasks like a Next Generation Firewall such as Palo Alto for VM or other vendors like Fortinet for virtualized environments. 

It has to have the features from next-generation firewalls, and it needs to complement other features, as in the unified security gateway, to be a good competitor against other solutions.

It does not integrate well with many platforms. 

I've been using the solution for a couple of years now. 

Stability is not an issue. It's not buggy. It doesn't crash or freeze. the performance is good. 

It is a scalable product. 

We have around 1000 or more people on the solution. Our customers use the solution. We do not use it internally. 

We didn't have experience with VMware technical support. Mainly, the issues we need are covered via assistance from Palo Alto. I've never directly communicated with VMware support. 

We didn't use any solution for the virtualized environment.

That said, for other solutions in the market that have the same feature, we have experience. This includes Juniper, Cisco, and Palo Alto. These all have next-generation firewall features, which have been standard for 20 years now.

It's intermediate in terms of ease of setup. It is not so straightforward, and it's not also complex.

 It integrates with certain vendors like Palo Alto very well. That said, other vendors, like Fortinet or others, do not have the same level of integration.

I'd rate the process a there out of five in terms of ease of setup. 

The deployment took three weeks the first time we did it. The strategy is mainly segmenting between operational virtual machines which have, for example, the database and the application front end on the same VLAN. If I need to segment this traffic, it wouldn't be possible without NSX.

We have two people that can handle deployment and maintenance tasks. We need someone who understands the schema of the solution itself, the software itself, the front end and the database, and so on. Then, we also need one person from the security team.

We had a consultation and fielded recommendations from a Palo Alto engineer.

From a security point of view, the ROI you would see would be based on making things secure. The risk is at the lowest possible levels. However, the level of security that would be improved using this solution alone isn't so good. I'd rate the ROI a two out of five as it doesn't do much on its own. 

I'm not sure about licensing, as this is out of my scope as a technical engineer.

We did look into other options before choosing this solution. 

We are a partner. I'm using the latest version of the solution. 

It has good features for tagging and auto-tagging and so on. That said, without another complementary solution like Palo Alto or other micro-segmentation firewall vendors, it would not be of that much use. It needs the support of other software.

I'd rate the solution five out of ten. It lacks standard security features, which is why I rate it so low. 

This is a product for network security, and network management. 

We don't use it at the production level. I am conducting a PoC.

We are using this in our testing data center and not in our live data center. This infrastructure contains many security devices from other vendors such as Palo Alto.

We are also using vSAN and vCenter.

The most valuable features are stability and low cost.

There are always issues integrating with Cisco.

Switching is always a big problem for us because our switch is not supported.

If the integration was more open, then it would be good.

I have been using VMware NSX for three years.

We are using the latest version, and we already want to upgrade it.

It's a stable solution. We plan to continue using it.

There are three users in our organization who are using this solution.

VMware technical support is good but we find that the Cisco support is better for us.

This product is better for network security than Cisco ASA and Firepower.

The initial setup is straightforward but still takes time.

It takes longer to deploy than Cisco products. It takes between three and seven days to deploy,

We had a team of five for deployment. Two are from our company and three were from the vendor.

We have a license.

It is an expensive product, but cheaper than some competing solutions.

It's a good product.

This is a solution that I recommend.

I would rate this solution a nine out of ten.

The micro-segmentation and the ability to create policy rules are valuable.

There's generally quite a lack of specialists in this space. One of the challenges as a reseller is that I need technical people to go and offer in-depth conversations about the products. We would engage someone to do that, or we would look for some engineering resources to be able to do the implementation. Unfortunately, there are not a lot of those. There is a massive skill shortage.

It's a good product, but the way that it has got so many multiple levels that need to be purchased makes it expensive and cumbersome. They seem to value shareholders more than customers, but most corporations seem to do that anyway.

I don't use the product. I sell the product. I've been with VMware for multiple years. It has been about three years or so.

It's stable. None of my customers have complained about it from a stability point of view. They complained about its cost a lot, but people are quite happy that it's a stable product.

There don't seem to be any issues with scalability. I'd rate it an eight out of ten in terms of scalability.

Most of our clients are small to medium enterprises.

We are just reselling the product. I've seen demos and things like that. It seems very straightforward. 

There could be some challenges around the implementation time, and you need to know what you're doing. There were some challenges from one of our customers. It had to do with the migration of VTT that wasn't made clear to him, so he complained about that, but it's not my experience. Some of the end-users in that space may have a feeling that they're not being informed sufficiently of product changes in a timely manner. 

Our customers have definitely complained about its cost. It's expensive. I'd rate it a nine out of ten in terms of pricing where ten represents a high price. There are other products out there that are equally expensive.

I'd definitely recommend doing a proof of concept. Do a trial deployment so that you can understand the requirements and you can understand how the rules are created. So, definitely, try before you buy should be there.

I'd rate it an eight out of ten.

We were using VMware NSX for high availability. 

We recently used it to migrate a way to the public cloud.

The migration methods are the most valuable aspect of this solution. The rest is just overly complicated.

We had some issues with the cloud version.

It needs to be cheaper.

We are stopping its use. We won't need it because we'll be using cloud-native.

The company has been working with VMware NSX for six years.

I have hands-on experience with VMware NSX.

It was on-premise, but we just used it to do cloud migration to VMC, and it will be removed after that.

The on-premises version of VMware NSX was not stable, but it was for VMC migrations. 

The on-premises version of VMware NSX is not scalable.

The cloud version is most likely fine. I couldn't really say, but after the on-premise system was implemented, everyone was afraid of change. It was really flaky.

We don't have a large number of users. It is not used as such by people; it is a piece of infrastructure software.

There would have been less than half a dozen, not very many.

I personally have not had any contact with technical support.

The initial setup is complex.

TCS assisted us with the installation.

If five is a good price and one is a high price, I would rate the price a one out of five.

I would not recommend this solution to others.

As a technical solution, I would rate VMware NSX a five out of ten.

The Environment was an active-active Tier-0 multi-site deployment (primary/secondary).

It contained compute and management clusters, and a small number of transport ESXi nodes (between five and six) v6.7u2, vCenter 6.7u2, AD.

The primary use case was to implement micro-segmentation and route production workloads through NSX-T via BGP. Our customer needed assurances that BGP routing within NSX-T would be efficient.

We implemented a very simple architecture and setup site with one NSX Manager as the primary source. This was a financial customer, thus security was the main item.

We had to explain to the customer that NSX-T deployment and micro-segmentation were two different projects explicitly.

NSX-T has allowed us to implement micro-segmentation in the customer's environment seamlessly (zero-trust). We have also looked at deploying Tufin or Gardicore, ReSTNSX as alternative tools. The Environment was an active-active Tier-0 multi-site deployment

The organization was able to begin scaling out its production workloads and clusters.

From a security standpoint, the customer was able to better secure critical workloads while routing L2/L3 worked normally, giving them more confidence that they would be ready for any potential security incident mitigation or outage (DR).

The most valuable features are:

• N-VDS Geneve encapsulation L2/L3
• Less need for the VM to hit the TOR switch to communicate with VMs on the same ESXi host/segment (logical switch)
• Micro-segmentation capabilities/tagging
• NSX-T dashboard/compute usage across the configuration allows a quick view
• The NSX-T configuration screens are fairly easy to navigate but they might need to simplify them a bit in future versions.
• Very extensive detailed configuration items can be set in Uplink profiles to better map pNICs
• Edge TEP and Host TEP tunnel config and troubleshooting is much more understandable and verifiable

Traffic flow introspection topology visibility is definitely needed because at the moment, NSX-T lacks in this area.

A hardware scan of the ESXi host for possible incompatibilities should be added to NSX-T/vSphere, as it would allow us to know in advance, for example, if a pNIC is not compatible with a version of vSphere before moving forward with an NSX-T deployment. 

It needs a better, integrated migration tool. Something like RestNSX with more elaborate capabilities from a troubleshooting perspective and pre-migration perspective would be an improvement.

I have used this solution version most recently, as it has not been out that long.

Many companies are moving to v3 and v3.01

N-VDS will be depreciated in newer versions and integrated within the standard VDS

From a recoverability standpoint, if designed correctly and perhaps if VMware SRM is integrated with NSX-T, it would help the stability of workload availability.

From a routing perspective, NSX-T must be designed for redundancy with cross/overlapping uplinks from the edge nodes to your L3 upstream devices. Routing will be more reliable with default routes in place. Hardware compute and compatibility with the solution is critical for good communication via the  nsx overlay network.  Overall this solution is very scalable

NSX-T is extremely scalable as a solution. Make sure that you plan your IP pools accordingly in advance if you plan to add many transport ESXi nodes in the future.

VMware Global support for NSX-T/V is exceptional.

We have never used any other solution. NSX is the premier product in this space.

The initial setup will go smoothly if the design of the solution was done correctly. 

NSX-T can be complex if the discovery phase was not granular enough.

We implemented it with an in-house team.

Customers will better be able to determine ROI once they have been running the solution for a year or so. How much they will have from the Capex perspective will have to be calculated.

My advice is to make sure that you properly scope the project from both hardware and network requirements. NSX-T can be complicated if it is not designed correctly.

Some customers are evaluating Gardicore vs NSX.

Gardicore is a great tool for micro-segmentation only. It can fill in many gaps that NSX-T misses with its native micro-seg capabilities.

An NSX-T solution requires a solid understanding of routing/switching, IP pools, local egress, and solution design to be successful. It takes a team of both VMware and Cisco folks to collaborate to get it done right the first time.

As a customer, make sure you are hiring the best resources.