Tag: NSX Series
-
NSX 9 Backup and Restore: Config Protection, SFTP Targets and the Passphrase Trap (NSX Series, Part 19)
How NSX 9 backup and restore actually works in VCF 9: the three backup types, SFTP target design, the exact-version restore requirement, and the passphrase that quietly decides whether your backup is worth anything.
-
NSX 9 Monitoring and Operations: Traceflow, Alarms and Operations for Networks (NSX Series, Part 18)
The tools that turn NSX from a black box into something you can actually see: Traceflow, Live Traffic Analysis, IPFIX, alarms and health, and Operations for Networks.
-
NSX 9 VPN: IPSec and L2VPN, Policy-Based vs Route-Based (NSX Series, Part 17)
NSX runs site-to-site IPSec and L2VPN on the Edge. Policy-based vs route-based IPSec, when each fits, and how L2VPN stretches Layer 2 across sites for migration and DR.
-
NSX 9 Advanced Load Balancer (Avi): Architecture and How It Plugs Into NSX (NSX Series, Part 16)
Avi is the strategic load balancer for NSX 9: a controller control plane and elastic service engines. How it is built, how it integrates with NSX, and how a request flows.
-
NSX 9 Distributed IDS/IPS and Malware Prevention: From Allow-Deny to Detect-and-Stop (NSX Series, Part 15)
Distributed IDS/IPS and malware prevention add threat inspection to the NSX security stack. Detect vs prevent mode, signatures, the ATP and NDR picture, and how to roll it out safely.
-
NSX 9 Gateway Firewall and Perimeter Policy: North-South Security at the Edge (NSX Series, Part 14)
The Gateway Firewall secures north-south traffic at the Tier-0 or Tier-1, separate from the Distributed Firewall. How it differs from the DFW, where it runs, and defense in depth.
-
NSX 9 Distributed Firewall Fundamentals: Categories, Applied-To and Zero Trust (NSX Series, Part 12)
The Distributed Firewall puts stateful enforcement at every vNIC. Rule categories and order, the anatomy of a rule, why Applied-To matters most, and the zero-trust pivot.
-
NSX 9 NAT, DHCP and DNS Forwarder: The Gateway Services That Need the Edge (NSX Series, Part 11)
NAT, DHCP and the DNS forwarder are the first services that require a service router on the Edge. NAT types and the active-active trap, DHCP modes, and DNS forwarding.
-
NSX 9 Tier-1 Gateways and East-West Routing: DR, SR and the Hairpin Trap (NSX Series, Part 10)
The Tier-1 is half distributed router, half service router, and knowing the difference decides whether east-west traffic stays local or hairpins to the Edge.
-
NSX 9 Tier-0 Gateways and North-South Routing: BGP, ECMP and VRF (NSX Series, Part 9)
The Tier-0 is where NSX peers with your physical fabric. BGP design, ECMP and the URPF trap, route redistribution, and VRF-Lite for multi-tenant routing.
Architect’s Toolkit
VMware Cloud Foundation
- VCF Documentation
- VCF 9 Planning & Preparation Workbook
- VCF Bill of Materials (BoM)
- VMware Compatibility Guide
- VMware Interoperability Matrix
- VMware Configuration Maximums
- VMware Ports & Protocols
- VMware Hands-on Labs
- RVTools Download
Nutanix
AI & Cloud-Native Platform
- AI Infra Sizing & Cost Calculator
- NVIDIA Build (Model Catalog)
- NVIDIA AI Enterprise Reference Architecture
- NVIDIA NIM Performance Benchmarking
- NVIDIA NGC Catalog
- NeMo Microservices Helm Chart
- Helm Charts Repository
- Hugging Face Models
Architecture & Design
About the Author
Dr Pranay Jha
Dr. Pranay Jha is a Cloud and AI Consultant with 18+ years of experience in hybrid cloud, virtualization, and enterprise infrastructure transformation. He specializes in VMware technologies, multi-cloud strategy, and Generative AI solutions. He holds a PhD in Computer Applications with research focused on Cloud and AI, has published multiple research papers, and has been a VMware vExpert since 2016 and a VMUG Community Leader.
You May Have Missed
