If you are a NSX customer one of the biggest show stopper for upgrading to vSphere 6.7 was that NSX 6.4.0 only was supported up to vSphere 6.5. Now with the availability of NSX 6.4.1 this is gone. But this is not the only good news. NSX 6.4.1 includes many new features.

 

Read more to find out whats new within HTML5 Client support, Identity Firewall and much more…

Compatibility

NSX 6.4.1 actually supports the following vSphere versions:

  • vSphere 6.0
    • min. 6.0 Update 2 -> See VMware KB2144605 (Issue: duplicate VTEPs – fixed in 6.0U3)
    • 6.0 Update 3
  • vSphere 6.5
    • min. 6.5a -> See VMware KB2135378 (Issue: EAM OutOfMemory Error – fixed in 6.5U1)
    • 6.5 Update 1 and higher
  • vSphere 6.7

Security

NSX extended the Context-Aware Firewall and the Identity Firewall

  • Context-Aware Firewall
    Additional Layer 7 Application Context Support:SYMUPD (Symantec LiveUpdate traffic, which includes spyware definitions, firewall rules, antivirus signature files, and software updates), MAXDB (SQL connections and queries made to a MaxDB SQL server), and GITHUB (web-based Git or version control repository and Internet hosting service).
  • Identity Firewall
    Expanded OS support for Identity Firewall: Identity Firewall support for user sessions on remote desktop and application servers (RDSH) is now expanded to include Windows Server 2012 with VMware Tools 10.2.5 and Windows 2012 R2 with VMware Tools 10.2.5.

vSphere Client (HTML5) enhancements

VMware extended the task which could be done via vSphere Client (HTML5)

  • Installation
  • Groups and Tags
  • Security
    • Firewall
    • Firewall Settings
    • Service Composer
    • Application Rule Manager
    • SpoofGuard

 

The following tables is part of the Functionality Updates for NSX and could be found at docs.vmware.com. It lists the not supported functions of NSX through the vSphere Client (HTML5).

Functional Area Unsupported Functionality in the vSphere Client
Service Definitions All functionality, including:
Guest Introspection Services
Network Introspection Services
Hardware Devices
Logical Switches All functionality
NSX Edges All functionality, including:
Edge – lifecycle management
Edge – Routing
Edge – NAT
Edge – DHCP
Edge – Bridging
Edge – Firewall
Edge – Load Balancer
Edge – VPN
Service Composer Service Composer Canvas
Tools: Endpoint Monitoring All functionality
Tools: Flow Monitoring Flow Monitoring Dashboard
Details by Service
Configuration
Tools: Traceflow All functionality
System: Users and Domains All functionality
System: Events All functionality, including:
SNMP Events
NSX Ticket Logger
Cross-VC NSX Universal Logical Switch
Universal Logical Router
NSX Home Getting Started
License Information
Customer Experience Improvement Program