VMware NSX has been a regular Packet Pushers podcast sponsor, so I’ll assume you’ve got a handle on what NSX is all about. What Arkin brings to the party is more capable management of your NSX environment.
In a blog announcing the acquisition, VMware highlighted two key uses for Arkin.
1. Simplified visualization of a complex virtual environment. The big idea is to see how traffic is flowing between endpoints, including the VXLANs, VLANs, and firewall policies involved. You end up with correlation of the overlay and underlay, a holy grail item for the virtualized data center.
Such correlations are becoming more common, as overlay and underlay networks create a dependency tree that must be understood when troubleshooting data center performance issues. Similar visualizations exist with Cisco ACI and Big Switch Network’s Big Cloud Fabric, for example.
I’m unclear on how deeply Arkin can see into physical switch gear that exists outside of the VMware management domain.
2. Planning microsegmentation. Microsegmentation is walling off every virtual machine from every other using a centrally managed firewall policy. The trick is getting that firewall policy built to begin with — a daunting task that is progressively difficult the larger the number of endpoints involved.
Arkin will analyze existing traffic and recommend a baseline firewall policy to assist in deployment of microsegmentation. Once a microsegmentation firewall policy has been deployed, Arkin will monitor the environment to ensure long-term policy compliance.
NSX customers – how do you get Arkin?
VMware tells me that the Arkin package will be an add-on purchase for NSX customers available for individual sale at this time. Eventually, Arkin will be available as part of the vRealize Suite, which can be bought as a complete bundle or as individual vRealize Suite components.
For more information.