With the acquisition of Arkin Net in June 2016, VMware got its hands on a new product that provides customers with...
exactly what its name implies: Network Insight. VMware's version of this product, vRealize Network Insight 3.0.0, presents customers with a holistic view of the network by showing both the virtual and physical sides of the data center. Customers can plan new deployments with the information they collect, such as setting up microsegmentation when switching to network virtualization. VRealize Network Insight can also help manage your network virtualization with NSX.
I recently ran vRealize Network Insight through its paces in my testing lab to see what the product has to offer, and also tried out vRealize Network Insight's own hands-on lab.
VRealize Network Insight features
After deploying vRealize Network Insight, I had to connect the product to components in the data center, including vCenter servers, NSX Manager, physical switches, layer 3 devices, Cisco UCS Manager and more. It then began collecting data from those sources. From there, you can use the browser-based interface to assess what's happening on the network. This goes really deep, allowing users to zoom in on components in their network. As shown in Figure A, the output of the Analyze Flows feature shows that there is traffic flowing from one subnet to another. Clicking the diagram reveals more information about the types of traffic and the machines involved.
This functionality may seem similar to what a NetFlow collector would do, which is VMware's intent. VRealize uses Internet Protocol Flow Information Export (IPFIX) -- largely considered to be the successor to NetFlow, so much so that it's often referred to as "NetFlow v10" -- to integrate with vSphere Distributed Switches. When connecting to vCenter as a data source, IPFIX configures the distributed switches to send traffic flow information to vRealize Network Insight. You can also verify this in the distributed switch configuration shown in Figure B.
The collected data can also show customers anomalies in their network. For example, let's say your company has a policy to not use Secure Shell to connect to ESXi hosts; the data collected through the network flow analysis feature could indicate if that policy was breached. You can take a closer look at the communications that occurred as well as the amount of traffic by zooming in on the offending machine. In Figure C, you can see more information about this feature.
With the data collected from vCenter, physical switches and layer 3 devices, customers now have a full view of all of the virtual LANs, subnets, firewalls and the flow between all of these entities. With this information, the special Plan Security feature can be used to display network microsegments. That information can be further analyzed to determine where firewalls are needed, which ports are being used between these networks and which network entities are actually communicating.
Not only does the Plan Security feature show network flows, the product also shows the full inventory of the vSphere environment, including VMs, hosts, data stores and more. This allows administrators to look directly at resource usage for components such as CPU, memory usage and data store capacity. With this feature, users can browse through the environment using the links between all these objects. So, when looking at a VM, vRealize Network Insight provides a direct link to the ESXi host running the VM. This is useful when troubleshooting an environment. VRealize Network Insight also shows related problems and events for all of these objects; this makes troubleshooting possible from this single interface.
Figure D shows two VMs with their interconnected path -- this is the path feature -- and it shows problems related to these machines. This picture is taken from the hands-on labs that allow you to experience the product yourself in a live environment.
VRealize Network Insight collects information from the NSX Manager, showing the setup and topology of all of the NSX components, such as controllers and edge devices, as shown in Figure E. It also helps with troubleshooting an NSX environment because it lists any setup and topology errors in the interface.
Test drive it yourself
The easiest way to try vRealize Network Insight is to enroll in a recently released hands-on lab. These hands-on labs are free of charge and available at any time. In order to enroll in any of the labs, you'll need to sign up for an account. Once you've created an account, search for HOL-1729-SDC-1 or type "Network Insight" into the search box, as shown in Figure F.
The hands-on lab walks you through the three main areas of the product: microsegmentation planning, network visibility and NSX management. The entire lab takes about 90 minutes to complete.
VMware does not provide a downloadable evaluation version of vRealize Network Insight. VMware partners might, however, be able to download the product themselves -- I'm fairly certain that if customers ask their Technical Account Manager for help, they should be able to gain access to the software. Deploying the setup is simple, just follow the installation workflow -- shown in Figure G -- from the setup guide.
First, deploy the platform appliance; when that boots, enter a license to activate the product. Once that's done, deploy the proxy appliance and, during deployment, use the shared secret created when setting up the first appliance. Once the proxy boots, it will be automatically detected. The product should now be available.
A tip for deploying vRealize Network Insight in your environment: The two VMs are large; even the medium-sized install choice for the platform appliance configures a VM with 8 virtual CPUs and 32 GB of RAM. Both VMs are configured with a reservation for CPU and 16 GB of RAM, so when deploying in a cluster, this might set your cluster's slot size to an inefficient value, conflicting with the admission control policy. Either modify the reservations to suit your needs or modify the admission control policy when needed.
Once deployment is complete, connect your vCenter servers and other data sources to start collecting data.
Increase SDDC efficiency and security with NSX virtualization
VMware's Arkin Net acquisition bridges gap between virtual and physical infrastructure
Network visibility is essential to information security