The NSXninjas Podcast – Episode 0005 – NSX and Work From Home Security Tips w/ Geoff Wilmington

In this episode of The NSXninjas Podcast, special guest Geoff Wilmington talks “Work from Home” use-cases for NSX security and how organizations can quickly implement these security postures without changes to the underlying infrastructure to provide simple, dynamic, scalable security for organizations of all sizes.

– Host: Erik Hinderer –

– Co-host: Jim Streit –

– Special Guest: Geoff Wilmington, NSX Technical Product Manager –

VDI Segmentation in Minutes with VMware NSX

Securing VDI workloads with VMware NSX is incredibly easy and quick. In this post, I’ll demonstrate how to implement segmentation for VDI workloads to prevent undesirable and unintended VDI to VDI communications.

In most environments, there are more users than applications and the number of desktops greatly outnumbers servers. Thus, the attack surface for user compute workloads is much larger and poses a much greater risk to the majority of organizations. Being able to quickly and easily implement scalable and dynamic security to prevent VDI to VDI risks is key to any solution and VMware NSX does this without any changes to the user compute workloads or underlying network.

Let’s take a look at what we need to do to create VDI segmentation with VMware NSX for vSphere.

After logging into the vSphere web client, we click on Menu and navigate to Networking and Security. Click the Firewall menu item on the left to display the NSX Distributed Firewall interface. We add a firewall rule section named VDI and then create a blocking rule for VDI to VDI traffic, using NSX Security Groups with dynamic membership based on a string of characters in the VM name, such as “vdi”. We then create an allow rule above the block rule, for any intended VDI to VDI communications traffic, which is usually, Skype, Slack or the like.

That’s it folks. It’s that simple. A VDI to VDI block rule based on a string of characters in the name, which provides dynamic addition of any VDI desktops to the security policy, as they are created and destroyed.

Check out this video of the entire process and see how you can achieve VDI segmentation in Minutes with VMware NSX for vSphere:

There are a large number of VDI environments running NSX for vSphere, as it offered client endpoint antivirus protection integrations early on in SDN, that are massively beneficial from a standpoint of architecture and performance. These same capabilities are now available in NSX Data Center and any new VDI deployments are certainly taking advantage of the all the improvements in NSX-T.

With that said, after a bit of thought, it seemed logical to create this blog and demo video in NSX for vSphere. While the process for creating VDI segmentation in NSX Data Center (NSX-T) may vary by a few steps, the implementation is just as simple as NSX for vSphere. Anyone that’s using NSX Data Center can create the same rules in NSX-T. …and should.

Simple. Quick. Scalable. …that’s VMware NSX.

The NSXninjas Podcast – Episode 0004 – NSX-v to NSX-T Migrations w/ Andrew Voltmer, NSX Product Manager

In this episode of The NSXninjas Podcast, special guest and subject matter expert, Andrew Voltmer joins us to discuss NSX-v to NSX-T migration options, methods and best practices. If you’re planning a migration or have one on the horizon, this show is a must. Not to mention, Andrew shares an enlightening and worthy PSA at the end of the show, so make sure to listen in and give it some consideration. We’re all in this together!

– Host: Erik Hinderer –

– Co-host: Jim Streit –

– Special Guest: Andrew Voltmer, NSX Product Manager for VMware –

The NSXninjas Podcast – Episode 0003 – NSX Intelligence with Marcos Hernandez

In this episode of The NSXninjas Podcast, special guest Marcos Hernandez breaks down NSX Intelligence, the business problems it solves and how AI/ML provides the fastest path to achieve and maintain security compliance with micro-segmentation.

  • 1
  • 2