VMware NSX-T Data Center 3.2 and more Released
VMware has released NSX-T Data Center 3.2, NSX Intelligence 3.2 and HCX 4.3.0.
NSX-T Data Center 3.2
The is a new major release, that has a lot of new features.
I also have an update version of log4j vesion 2.16.
What’s New:
- Switch agnostic distributed security:
- Ability to extend micro-segmentation to workloads deployed on vSphere networks.
- Gateway Security:
- Enhanced L7 App IDs, Malware Detection and Sandboxing, URL filtering, User-ID firewall, TLS inspection (Tech Preview) and Intrusion Detection and Prevention Service (IDS/IPS).
- Enhanced Distributed Security:
- Malware detection and Prevention, Behavioral IDS/IPS, enhanced application identities for L7 firewall.
- Improved integration with NSX Advanced Load Balancer (formerly Avi):
- Install and configure NSX ALB (Avi) from NSX-T UI; Migrate NSX for vSphere LB to NSX ALB (Avi).
- NSX for vSphere to NSX-T Migration:
- Major enhancements to the Migration Coordinator to extend coverage of supported NSX for vSphere topologies and provide flexibility on the target NSX-T topologies
There are many more new features/capabilities in this release.
See the release notes here.
NSX Intelligence 3.2
This in not a Virtual appliance, but must be deployed in a Kubenetes Cluster.
What’s new:
- NSX Intelligence Platform and Form Factor Changes
- New Scale-out Architecture
- To achieve higher scale and additional functionality, NSX Intelligence now runs on the NSX Application Platform. Starting with the 3.2 release, NSX Intelligence is no longer offered as an independent appliance (OVA) installation. Please note that since the NSX Application Platform runs on Kubernetes, a Kubernetes cluster must be already deployed and available prior to the installation of the NSX Application Platform and NSX Intelligence. See the following documentation for more information.
- NSX Intelligence Migration from Appliance to NSX Application Platform
- When installing NSX Intelligence 3.2.0, you have the option to migrate and retain all historical data from your existing NSX Intelligenace 1.2.x installation. See the Upgrading NSX Intelligence section of the Activating and Upgrading VMware NSX Intelligence documentation for details.
- NSX Intelligence integration with vSphere Lifecycle Manager
- You can now run NSX Intelligence with ESX clusters that are vSphere Lifecycle Manager enabled.
- NSX Intelligence Data Collection Settings
- Provides the ability for you to selectively enable NSX Intelligence to collect data on a subset of ESXi hosts or clusters of hosts, which aids in scale management and license compliance. See Configure NSX Intelligence Settings for details.
- New Scale-out Architecture
- NSX Intelligence Visualizations
- Workload View Enhancements:
- Details about User Logout Time and VM Tools Version are added.
- Shows the latest group information for a unique flow.
- Shows aggregated flow attributes (Source and Destination IP addresses, Users, Process, FQDN, and more details) about a flow when you select Flow Details from a node’s contextual menu.
- Canvas View Enhancements: Enhances the Public IPs Group to specify an exact list of public IP addresses that are communicating to NSX objects in your NSX-T Data Center.
- Performance: Improved performance when loading the landing page views for the compute and group views.
- Workload View Enhancements:
- NSX Intelligence Recommendations
- Group re-use partial match based on user-configured threshold .
- Section re-use, if a recommended rule applies to an existing section, recommendation can update the rules in that section. If there is a new service, recommendation will create a new rule in that section.
- Network Traffic Analysis
- Detectors have been added to the network traffic analysis capability to increase the number of detectors to 14. The feature is now available from the Security > Suspicious Traffic section of the NSX Manager UI. For details, see the Detecting Suspicious Network Traffic in NSX-T Data Center section of the Using and Managing VMware NSX Intelligence documentation.
- Data Upload/Download
- Destination IP Profiler
- DNS Tunneling
- Domain Generation Algorithm
- Netflow Beaconing
- Port Profiler
- Server Port Profiler
- Unusual Network Traffic Pattern
- Detectors have been added to the network traffic analysis capability to increase the number of detectors to 14. The feature is now available from the Security > Suspicious Traffic section of the NSX Manager UI. For details, see the Detecting Suspicious Network Traffic in NSX-T Data Center section of the Using and Managing VMware NSX Intelligence documentation.
See the full release notes here.
HCX 4.3.0
This is mostly a maintenance release, with a few new features.
See the release notes here.