The 6.2.3 version of NSX for vSphere was released yesterday (June, 9th 2016). NSX is VMware’s solution to virtualize network and security for your software-defined data center. NSX network virtualization decouples the network from hardware into a software abstraction layer which allows you to programmatically create, provision, and manage your networks.
Although considered as a minor release, NSX 6.2.3 brings a lot of enhancements.
What’s New in NSX 6.2.3?
- NSX Hardware Layer 2 Gateway integration (a.k.a. Hardware VTEP support): expands physical connectivity options by integrating 3rd-party hardware gateway switches into the NSX logical network. The use cases for the hardware layer 2 gateways are migration of workloads and the integration of non-virtualized workloads (such as physical servers or security devices).
- Edge Firewall SYN flood protection to protect VMs from North-South SYN-Flood attacks
- Meant for transit traffic that goes through the edge to a VM (and doesn’t end with to NAT or load balancing services)
- Prevent DoS/DDoS attacks on applications
- Increase security for public-facing workloads
- Edge Appliances upgrade and redeploy behavior: improved availability with replacement Edge VMs deployed before upgrade and redeploy operations.
- NSX Dashboard: simplifies troubleshooting by providing visibility into the overall health of NSX components in one central view, a new dashboard in the user interface displaying real-time status of the NSX platform.
- SNMP support: configure SNMP traps for NSX events (system events related to hypervisors, controllers, edges and NSX Manager can be send as traps).
- SNMPv2c support
- Distributed Firewall TFTP Application Layer Gateway (ALG), in addition to FTP, CIFS, ORACLE TNS, MS-RPC, SUN-RPC already present in 6.2.2
- Central CLI enhancements with host health status and central packet capture.
- New licensing model, with 3 different editions (Standard, Advanced and Enterprise): all existing customers that have bought NSX prior to this licensing change are automatically granted NSX Enterprise edition.
- Default VXLAN Port changed to 4789
- NSX Edge on demand failover
- Traceflow visibility through 3rd party network introspection services
- NSX Edge DHCP enhancements: DHCP option for static route, PXE Boot, increase in DHCP pool
- Enhanced Communication Chanel Health Checks
- Flow Monitoring enhancement with live flow filtering
- SSLVPN refresh on client support (support for Mac OS El Capitan) and security
- Service Composer performance improvements
- Guest Introspection support for Windows 10 (leveraging Microsoft WFP)
- Distributed Load Balancing enhancements (still in Tech Preview)
Resources: NSX for vSphere 6.2.3 Releases Notes.