VMware NSX

VMware NSX

Dashboard and Browsers

Change Tracking
Policy Analysis
Risk
Dashboard
Violations
Cleanup

Change Management

Change Management
Graphical Policy
Real-time Monitoring
Accountability - Installed Revisions
Display IPv6 objects
Create SecureChange ticket from Policy Browser for:
Rule Decommission
Rule Recertification

Policy Analysis

Policy Analysis
Object Lookup

Auditing and Reporting

Auditing and Reporting

Topology

Static Topology
BGP Dynamic Routes

Notes for VMware NSX:

  • Real-time monitoring uses device polling.

  • These features are not supported: unused objects cleanup, offline analysis.

  • "Applied to" criteria in Policy Analysis is only supported in view mode.

  • Topology support only includes North-South connectivity and, in topology diagrams, traffic inside a logical switch will be seen as passing logical router.

  • For Auditing and Reporting, these features are supported: Regulations browser, Policy Browser (formerly Rule Documentation), New Revision report.

  • Dynamic Topology (BGP dynamic routing) is supported for NSX-T

  • To conform with recommendations from VMWare, in TOS R21-1 and later, new NSX-T devices are automatically configured with Declarative (Policy) APIs. Devices that were previously added using Imperative APIs will continue to work. In the Device Manager, the name of a device indicates whether the device is configured with a Declarative or Impertitive API.

    To convert a device that was previously added using Imperative APIs to Declarative APIs you need to add the device as a new device, and remove or disable the old instance of the device.

  • In NSX-T Devices, support for dynamic Security Groups based on tags set in the device.