NSX 6.2 Functions

NSX for vSphere 6.2
Feature Standard Advanced Enterprise
Hypervisors Supported      
Platform      
ESXi 5.5 Yes Yes Yes
ESXi 6.0 Yes Yes Yes
vCenter 5.5 Yes Yes Yes
vCenter 6.0 Yes Yes Yes
Cross vCenter Networking & Security No No Yes
Controller Architecture      
NSX Controller Yes Yes Yes
Universal Controller for X-VC No No Yes
Optimized ARP Learning, BCAST suppression Yes Yes Yes
Switching      
Encapsulation Format      
VXLAN Yes Yes Yes
Replication Mode for VXLAN      
Multicast Yes Yes Yes
Hybrid Yes Yes Yes
Unicast Yes Yes Yes
Overlay to VLAN bridging      
SW Bridge (ESXi-based) Yes Yes Yes
Hardware VTEP (OVSDB) with L2 Bridging No No Yes
Universal Distributed Logical Switching (X-VC) No No Yes
Multiple VTEP Support Yes Yes Yes
Routing      
Distributed Routing (IPv4 Only)      
Distributed Routing – Static Yes Yes Yes
Distributed Routing – Dynamic Routing with BGP Yes Yes Yes
Distributed Routing – Dynamic Routing with OSPF Yes Yes Yes
Equal Cost Multi-Pathing with Distributed Routing Yes Yes Yes
Universal Distributed Logical Router (X-VC) No No Yes
Dynamic Routing without Control VM (Static Only) Yes Yes Yes
Active-standby Router Control VM Yes Yes Yes
Edge Routing (N-S)      
Edge Routing Static – IPv4 Yes Yes Yes
Edge Routing Static – IPv6 Yes Yes Yes
Dynamic Routing with NSX Edge (BGP) IPv4 Yes Yes Yes
Dynamic Routing with NSX Edge (OSPFv2) IPv4 Yes Yes Yes
Equal Cost Multi-Pathing with NSX Edge Yes Yes Yes
Egress Routing Optimization in X-VC No No Yes
DHCP Relay Yes Yes Yes
Active-Standby NSX Edge Routing Yes Yes Yes
VLAN Trunk (sub-interface) support Yes Yes Yes
VXLAN Trunk (sub-interface) support Yes Yes Yes
Per Interface RPF check on NSX Edge Yes Yes Yes
Services      
NAT Support for NSX Edge      
NAT Support for NSX Edge Yes Yes Yes
Source NAT Yes Yes Yes
Destination NAT Yes Yes Yes
Stateless NAT
ALG Support for NAT Yes Yes Yes
DDI      
DHCP Server Yes Yes Yes
DHCP Relay Yes Yes Yes
DNS Relay Yes Yes Yes
VPN      
IPSEC VPN No No Yes
SSL VPN No No Yes
L2 VPN (L2 extension with SSL VPN) No No Yes
802.1Q Trunks over L2 VPN No No Yes
Security      
Firewall – General      
Single UI for Firewall Rule Enforcement – NS+ EW No Yes Yes
Spoofguard No Yes Yes
Firewall Logging Yes Yes Yes
Rule Export No Yes Yes
Auto-save & Rollback of Firewall rules No Yes Yes
Granular Sections of Firewall rule table No Yes Yes
Distributed Firewall      
DFW – L2, L3 Rules No Yes Yes
DFW – vCenter Object Based Rules No Yes Yes
Identity Firewall Rules (AD Integration) No Yes Yes
IPFix Support for DFW No Yes Yes
Context-based control of FW enforcement
(applied to objects)
No Yes Yes
Edge Firewall      
Edge Firewall Yes Yes Yes
Edge High-Availability Yes Yes Yes
Service Composer      
Security Policy Yes Yes Yes
Security Tags Yes Yes Yes
vCenter Object based security groups Yes Yes Yes
IPSet, MACset based security groups Yes Yes Yes
Data Security      
Scan Guest VMs for Sensitive Data No Yes Yes
Third Party Integration      
Endpoint Service Insertion – Guest Introspection Yes Yes Yes
Network Service Insertion No Yes Yes
Public API based Integration Yes Yes Yes
Load-Balancing      
Edge Load-Balancing      
Protocols
TCP (L4 – L7) No Yes Yes
UDP No Yes Yes
FTP No Yes Yes
HTTP No Yes Yes
HTTPS (Pass-through) No Yes Yes
HTTPS (SSL Termination) No Yes Yes
LB Methods No Yes Yes
Round Robin No Yes Yes
Src IP Hash No Yes Yes
Least Connection No Yes Yes
URI, URL, HTTP (L7 engine) No Yes Yes
vCenter Context-aware LB No Yes Yes
L7 Application Rules No Yes Yes
Health Checks
TCP No Yes Yes
ICMP No Yes Yes
UDP No Yes Yes
HTTP No Yes Yes
HTTPS No Yes Yes
Connection Throttling No Yes Yes
High-Availability No Yes Yes
Monitoring
View VIP/Pool/Server Objects No Yes Yes
View VIP/Pool/Server Stats No Yes Yes
Global Stats VIP Sessions No Yes Yes
Distributed Load-Balancing      
L4 Load-balancing No No Yes (tech-preview)
Health checks No No Yes (tech-preview)
Operations      
Tools      
Tunnel Health Monitoring No No No
TraceFlow Yes Yes Yes
Port-Connections Tool No No No
Server Activity Monitoring No Yes Yes
Flow Monitoring No Yes Yes
IPFix (VDS Feature) Yes Yes Yes
VMware Tools      
vR Operations Manager Yes Yes Yes
vR Log Insight Yes Yes Yes
Cloud Management Platform      
vRealize Automation      
Logical Switch Creation Yes Yes Yes
Distributed router creation Yes Yes Yes
Distributed firewall security consumption No Yes Yes
Load-balancing consumption No Yes Yes
App Isolation No Yes Yes
VMware Integrated OpenStack (Neutron Plugin)      
VLAN Provider Networks Yes Yes Yes
Overlay Provider Networks Yes Yes Yes
Overlay Tenant Networks Yes Yes Yes
Metadata Proxy Service Yes Yes Yes
DHCP Server Yes Yes Yes
Neutron Router – Centralized – Shared Yes Yes Yes
Neutron Router – Centralized – Exclusive Yes Yes Yes
Neutron Router – Distributed Yes Yes Yes
Static Routes on Neutron Router Yes Yes Yes
Floating IP Support Yes Yes Yes
No-NAT Neutron Routers Yes Yes Yes
Neutron Security Groups using Stateful Firewall No Yes Yes
Port Security Yes Yes Yes
Neutron L2 Gateway Yes Yes Yes
Load Balancing (LBaaS) Yes Yes Yes
Admin Utility ( Consistency Check, Cleanup) Yes Yes Yes
Cross VC Logical Networking and Security No No No

Source: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2145269

NSX Design Notes (7/10) – VPN
VMWare NSX
No tags for this post.

Leave a Comment