The micro-segmentation use case showcases the networking and security capabilities of VMware NSX for vSphere.

The use case includes the virtual infrastructure components and vRealize Log Insight. VMware vSAN is supported but not required.

Figure 1. VMware Validated Design for Micro-Segmentation Components

VMware Validated Design for Micro-Segmentation includes a subset of VMware Validated Design for Software-Defined Data Center that provides workload isolation in the SDDC stack on top of the virtual infrastructure layer.

VMware vSphere

As the base layer, VMware ESXi and VMware vCenter Server support infrastructure virtualization.

VMware NSX for vSphere

VMware NSX for vSphere provides the functionality for implementing micro-segmentation in the SDDC.

NSX supports flexible security policies. The policies can be based on the virtual network structure, virtual machine or OS type, dynamic security tags, and more. The result is granularity of security down to the virtual NIC.

The resulting data center supports isolation and segmentation, with drastically improved security.

vRealize Log Insight

VMware vRealize Log Insight supports log management features that enable you to view and analyze security and networking logs by using customizable dashboards.