{"id":1442,"date":"2025-05-13T15:31:21","date_gmt":"2025-05-13T15:31:21","guid":{"rendered":"https:\/\/bogdanburuiana.com\/?p=1442"},"modified":"2025-12-29T15:58:43","modified_gmt":"2025-12-29T15:58:43","slug":"nsx-t-is-not-just-networking-anymore","status":"publish","type":"post","link":"https:\/\/bogdanburuiana.com\/index.php\/2025\/05\/13\/nsx-t-is-not-just-networking-anymore\/","title":{"rendered":"NSX-T is not just Networking anymore"},"content":{"rendered":"\n<p><\/p>\n\n\n\n<p>When people first hear about NSX-T, they usually think &#8220;overlay networking and firewalls&#8221;. That&#8217;s true, but incomplete. In real environments, NSX-T quickly becomes a control plane for how applications are allowed to exist.<\/p>\n\n\n\n<p>The moment you introduce Distributed Firewall (DFW), networking stops being something that only network teams touch. Security, application owners, and even automation pipelines start to care.<\/p>\n\n\n\n<p>A classic 3-tier application: WEB VMs -&gt; APP VMs -&gt; DB VMs<\/p>\n\n\n\n<p>Traditional setup: 3 VLANs; Perimeter firewall rules; Broad &#8220;allow&#8221; rules inside the data center<\/p>\n\n\n\n<p><strong>With NSX-T<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"537\" height=\"682\" src=\"\/wp-content\/uploads\/2025\/12\/image.png\" alt=\"\" class=\"wp-image-1443\" srcset=\"\/wp-content\/uploads\/2025\/12\/image.png 537w, \/wp-content\/uploads\/2025\/12\/image-236x300.png 236w\" sizes=\"(max-width: 537px) 100vw, 537px\" \/><\/figure>\n\n\n\n<p>All VMs can live in the same segment, while DFW controls east-west traffic.<\/p>\n\n\n\n<p><strong>Pros<\/strong><\/p>\n\n\n\n<ul>\n<li>Fine-grained security without VLAN sprawl<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Application-centric policies<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Easier audits<\/li>\n<\/ul>\n\n\n\n<p><strong>Cons<\/strong><\/p>\n\n\n\n<ul>\n<li>Requires upfront design<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Poor tagging = poor security<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Troubleshooting shifts from &#8220;network&#8221; to &#8220;policy logic&#8221;<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<p>NSX-T should not be approached as a networking add-on. It fundamentally changes how infrastructure teams think about responsibility and ownership. When adopted intentionally, it simplifies operations and improves security.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When people first hear about NSX-T, they usually think &#8220;overlay networking and firewalls&#8221;. That&#8217;s true, but incomplete. In real environments, NSX-T quickly becomes a control plane for how applications are allowed to exist. The moment you introduce Distributed Firewall (DFW), networking stops being something that only network teams touch. Security, application owners, and even automation [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"_links":{"self":[{"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/posts\/1442"}],"collection":[{"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/comments?post=1442"}],"version-history":[{"count":2,"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/posts\/1442\/revisions"}],"predecessor-version":[{"id":1446,"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/posts\/1442\/revisions\/1446"}],"wp:attachment":[{"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/media?parent=1442"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/categories?post=1442"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bogdanburuiana.com\/index.php\/wp-json\/wp\/v2\/tags?post=1442"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}