Deploy NSX-T only for DFW


I’m really confused about NSX-T installation process. I spend few week reading official documentation and checking blogs about the processs and at this point I still don’t know what its necessary or not.

We want to deploy NSX-T to use the distributed firewall features in our VDI cluster, We want for example block outgoing rdp connections and use IDFW to allow it per role basis. The pure networking part will arrive later 2020 because we are dealing with the networking team how to deploy and manage it and they see all that don’t have a Cisco badge as evil…

So my question is, We need to deploy N-VDS or any transport zone to use the security features or we should only deploy the management cluster and register the compute manager (vCenter). Is necessary to make some host preparation like in NSX-V?


View Reddit by desertspotterView Source

Related Articles

One Comment

  1. Unfortunately, unlike in V you can’t just prep the hosts and get an easy DFW.
    The DFW in NSX-T requires the use of the N-VDS, so any workloads you wish to protect must be on an Overlay or VLAN backed Portgroup, participating in a Transport Zone, on an N-VDS.

Leave a Reply

Your email address will not be published. Required fields are marked *