Posts

Showing posts from November, 2018

Using VRNI to Analyze Applications

As I've been doing more NSX Distributed Firewall work, one of my customers came to me with an interesting challenge.  They had a fairly complicated application that they wanted to move into a microsegmented security model, but they only had a diagram from when the application was initially deployed and were confident that it didn't show everything that the application did or even all of the VMs that were part of the application.  It was an interesting problem, and since they had vRealize Network Insight deployed, the answer was fairly straight-forward!

VRNI captures network traffic information from just about any device that can forward netflow data.  It uses that data to figure out which devices are communicating to each other, as well as highlighting all sorts of network issues like dropped packets or asymmetric routes.  In this case, I just used it as a giant repository of glorious 5-tuple data!

I started by registering the application in VRNI.  I went to Security and then