Evolving NSX Integration with VM-Series Virtual Firewalls

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
L3 Networker

Title_NSX-Integration-VM-Series-Virtual-Firewalls_palo-alto-networks.jpg

 

This blog was written in collaboration with Lee Space and Steve Yurkunas.

 

 

VMware (now part of Broadcom) recently announced on January 23, 2024, that the company will be discontinuing the support for Network Introspection (Service Insertion) for VMware NSX beyond 4.x. To see the details stating “VMware does not intend to provide support for Network Introspection for Security Vendors after the l...” (See note 7 for Service Insertion Integrations for Distributed Network Introspection for Security)

 

Palo Alto Networks VM-Series enjoy and will continue a tight technology partnership with VM-Series for VMware vSphere hypervisor (ESXi) and VM-Series for VMware NSX.

 

Currently, the VM-Series integration with NSX is based on their Service Insertion capability. 100s of Palo Alto Networks customers currently use VM-Series on NSX to protect workloads running on NSX, including workloads running on the latest NSX 4.1 release.  To learn more about the integration, please check out the VM-Series on NSX Reference Architecture

 

With VMware’s discontinuance of NSX support for Service Insertion (beyond 4.x, timing controlled by VMware), customers won’t be able to leverage VM-Series to protect their workloads running on NSX. This will not only impact integration between VM-Series virtual firewalls and NSX but all other third-party security vendors as well. 

 

Palo Alto Networks will continue to support NSX versions as long as VMware continues to Support Service Insertion for third-party vendors. Additionally, we will continue to support the VM-Series hypervisor support to learn about all the versions compatible with VM-Series.  

 

Palo Alto Networks Recommendation

 

Current customers using VMware NSX beyond 4.x with VMware ESXi/vSphere may continue to, or choose to reimplement, VM-Series virtual firewalls for their ESXi workloads with VM-Series for VMware vSphere hypervisor (ESXi) architecture.

 

Additionally, if any customers decide to switch the hypervisor to Nutanix AHV and FLOW, or Cisco ACI, VM-Series virtual firewalls are supported on those platforms. Please check out the VM-Series Supported Environments webpage to learn about platforms supported by VM-Series virtual firewalls. 

 

While the customers won’t be able to use VM-Series beyond NSX 4.X, once service insertion is discontinued, customers can continue to run VM-Series on the following hypervisors and software-defined network technologies: 

 

  • VM-Series on VMware vSphere hypervisor (ESXi)
  • VM-Series on KVM
  • VM-Series on Nutanix AHV and Nutanix FLOW
  • VM-Series on Hyper-V
  • VM-Series on OpenStack
  • VM-Series on ACI
  • 4733 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Labels