Everything K8s, NSX… 👋

This post will go through the Antrea-native policy resources and how to use them to secure your Kubernetes environment combined with K8s network policies. Abbreviations used in this article: Container Network Interface = CNI Antrea Cluster Network Policies = ACNP Antrea Network Policies = ANP Kubernetes Network Policies = K8s policies or KNP When it comes to securing your K8s infrastructure it can be done in several layers in the infrastructure as a whole....

This week I was fortunate to get hold of a VMC on AWS environment and wanted to test out the possibility of managing my K8s security policies from my on-prem NSX manager by utilizing the integration of Antrea in NSX. I haven’t covered that specific integration part in a blog yet, but in short: by using Antrea as your CNI and you are running NSX-T 3.2 you can manage all your K8s policies from the NSX manager GUI....

VMware NSX 3.2 is out and packed with new features. One of them is the NSX Application Platform which runs on Kubernetes to provide the NSX ATP (Advanced Threat Protection) functionality such as NSX Intelligence (covered in a previous post), NSX Network Detection and Response (NDR) and NSX Malware. This post will go through how to spin up a K8s cluster for this specific scenario covering the pre-reqs from start to finish....

This page will explain my lab environment, which is used in all the examples, tutorials in this blog. Lab overview/connectivity - physical, logical and hybrid It is nice to have an overview of how the underlying hardware looks like and when reading my different articles. So I decided to create some diagrams to illustrate this. Which hopefully will help understanding my blog posts further. First out is the physical components (which is relevant for the posts in this blog)....

This post will go through the IDS/IPS built-in feature of the NSX distributed firewall. Abbreviations used in this article: IDS = Intrusion Detection System IPS = Intrusion Prevention System Introduction to VMware NSX distributed IDS & IPS Before we dive into how to configure and use the distributed IDS and IPS feature in NSX let me just go through the basics where I compare the traditional approach with IDS/IPS and the NSX distributed IDS/IPS....