While VMware's NSX 6.1 update to its network virtualization offering put distributed firewall capabilities into...
the hypervisor, there are some other key networking features that need to be constructed and managed from outside the hypervisor.
One NSX feature dubbed NSX Edge contains several security and gateway services to both sequester the virtualized network and also connect remote networks through various gateway services. To get virtual machines (VMs) to communicate to both the physical and the logical network, the administrator needs to have an NSX Edge gateway to open these communication pathways.
Among other things, the NSX Edge can handle DHCP, VPN, dynamic routing and load balancing for applications. With NSX Edge, a company that deals with multiple tenants in a cloud environment can use the isolation functionality to keep each tenant away from other networks in the data center.
Hans Bernhardt, systems engineer at VMware, gave himself at crash course at learning virtualized networking in NSX and shared his experiences in a presentation where he explained the concepts at the New England VTUG Winter Warmer conference in January. Bernhardt shed some more light on the details behind an NSX Edge gateway.
"The edge services gateway is a virtual machine that acts like an appliance that can do the functions of Layer 3 routing or firewalling or site-to-site VPN or load balancing and more," Bernhardt said. He added that the advantage of having gateway functionality in a VM means you can always spin up a new VM when you want to add services.
For companies that want to use load balancers from other companies rather than the NSX load balancers, VMware has partnerships with various companies, such as F5, to enable these third-party products to be added to the virtual network via NSX Edge.