Mon ami Juan, Principle Engineer SDN chez Cisco a présenté lors du Cisco Live 2016 à Berlin en début d'année, une conférence comparent la microsegmentation réseau vu par VMware NSX et Cisco ACI.
Il ressort de cette vidéo 9 critères clef pour choisir la bonne option :
- Define your own microsegmentation: Microsegmentation for just vSphere-based workloads? What about physical workloads? What about other endpoints: ADCS and NFGWs, and IP storage devices?
- Rank the importance of vSphere vs. Microsoft Hyper-V and KVM. Consider the pros and cons of using vSphere Distributed Switches (VDS), Open vSwitch and Cisco Application Virtual Switch (AVS). How open do you want your preferred virtual switch to be?
- Need microsegmentation for any lateral, east-west movement in any combination involving multiple hypervisor hosts and/or physical hosts?
- Multi-tenancy? Microsegmentation easily for Dev / Test / Production tenants?
- Automate microsegmentation with existing ADCs or NGFWs?
- Microsegmentation for north south traffic too?
- Insert both virtual and physical editions of ADCs and NGFWs easily?
- What NGFW throughput performance do you need on hypervisor hosts? Keep in mind NGFWs can get only 1-2Gbps on a 10G hypervisor host. Will that be enough?
- As you scale microsegmentation to support multiple vCenters, do you still retain the same microsegmentation functionality?