Product offerings for VMware NSX-T Data Center 2.2.x (52462)
Purpose
This article provides information on licensing editions of VMware NSX-T and list of features associated with the various licensing editions in VMware NSX-T Data Center 2.2.x.
Resolution
New VMware NSX Data Center editions became available to order on June 5th, 2018. The tiers of NSX Data Center licenses are as follows:
- Standard Edition: For organizations needing agility and automation of the network.
- Professional Edition: For organizations needing Standard, plus micro-segmentation, and may have public cloud endpoints.
- Advanced Edition: For organizations needing Professional, plus advanced networking and security services, and may have multiple sites.
- Enterprise Plus Edition: For organizations needing the most advanced capabilities NSX Data Center has to offer, plus network visibility and security operations with vRealize Network Insight™, and hybrid cloud mobility with NSX Hybrid Connect.
NSX-T Licensing editions and features
NSX Data Center is available as a single download image with license keys required to enable specific functionality.
| Feature | Standard | Professional | Advanced | Enterprise Plus |
|---|---|---|---|---|
| Platform Features | ||||
| ESXi Support1 | Yes | Yes | Yes | Yes |
| KVM Support2 | Yes | Yes | Yes | Yes |
| Controller Clustering | Yes | Yes | Yes | Yes |
| vCenter Integration1 | Yes | Yes | Yes | Yes |
| Edge Platform Features | ||||
| Edge in VM Form Factor | Yes | Yes | Yes | Yes |
| Edge in Bare-Metal Form Factor | Yes | Yes | Yes | Yes |
| DPDK Optimized Forwarding | Yes | Yes | Yes | Yes |
| Switching | ||||
| Distributed Switching | Yes | Yes | Yes | Yes |
| VLAN Backed Logical Switching | Yes | Yes | Yes | Yes |
| Overlay Backed Logical Switching | Yes | Yes | Yes | Yes |
| Multiple TEP Support | Yes | Yes | Yes | Yes |
| Optimized ARP Learning and Broadcast Suppression | Yes | Yes | Yes | Yes |
| GENEVE Encapsulation | Yes | Yes | Yes | Yes |
| Unicast Replication | Yes | Yes | Yes | Yes |
| Headend Replication | Yes | Yes | Yes | Yes |
| Spoofguard | Yes | Yes | Yes | Yes |
| LACP (Edge and Host) | Yes | Yes | Yes | Yes |
| Quality of Service (QoS) | ||||
| QoS Marking | Yes | Yes | Yes | Yes |
| QoS DSCP Trust Boundary | Yes | Yes | Yes | Yes |
| L2 Bridging to Physical Environment | ||||
| Software Based L2 Bridge (ESXi based) | Yes | Yes | Yes | Yes |
| Routing | ||||
| Distributed Routing | Yes | Yes | Yes | Yes |
| Multi-Tier Routing | Yes | Yes | Yes | Yes |
| Dynamic Routing with ECMP | Yes | Yes | Yes | Yes |
| Static Routing – IPv4 | ||||
| Static Routing | Yes | Yes | Yes | Yes |
| BFD | Yes | Yes | Yes | Yes |
| Null Routes | Yes | Yes | Yes | Yes |
| Device Routes | Yes | Yes | Yes | Yes |
| BGP – IPv4 Unicast | ||||
| eBGP | Yes | Yes | Yes | Yes |
| eBGP Multihop | Yes | Yes | Yes | Yes |
| Graceful Restart | Yes | Yes | Yes | Yes |
| BFD | Yes | Yes | Yes | Yes |
| 4-byte ASN | Yes | Yes | Yes | Yes |
| BFD | ||||
| Sub-Second Keepalive Timer | Yes | Yes | Yes | Yes |
| Route Maps | ||||
| Match on Prefix-List and Community-List | Yes | Yes | Yes | Yes |
| Set Weight, MED, AS Path, Prepending, and Community | Yes | Yes | Yes | Yes |
| Other | ||||
| VRRP | Yes | Yes | Yes | Yes |
| Route Redistribution | Yes | Yes | Yes | Yes |
| IP Prefix-Lists | Yes | Yes | Yes | Yes |
| Active / Active Redundancy | Yes | Yes | Yes | Yes |
| Active / Standby Redundancy | Yes | Yes | Yes | Yes |
| Per Interface RPF Check | Yes | Yes | Yes | Yes |
| NAT | ||||
| NAT on North/South and East/West Logical Routers | Yes | Yes | Yes | Yes |
| Source NAT | Yes | Yes | Yes | Yes |
| Destination NAT | Yes | Yes | Yes | Yes |
| NAT N:N | Yes | Yes | Yes | Yes |
| Stateless NAT | Yes | Yes | Yes | Yes |
| NAT Logging | Yes | Yes | Yes | Yes |
| Firewall | ||||
| Edge Firewall | Yes | Yes | Yes | Yes |
| Distributed Firewalling | No | Yes | Yes | Yes |
| Common Firewall User Interface | Yes | Yes | Yes | Yes |
| Firewall Sections | Yes | Yes | Yes | Yes |
| Firewall Logging | Yes | Yes | Yes | Yes |
| Stateful L2 and L3 Rules | Yes | Yes | Yes | Yes |
| Stateless L2 and L3 Rules | Yes | Yes | Yes | Yes |
| Tag Based Rules | Yes | Yes | Yes | Yes |
| Distributed Firewall based IPFIX | No | Yes | Yes | Yes |
| Policy, Tagging and Grouping | ||||
| Object Tagging / Security Tags | Yes | Yes | Yes | Yes |
| Network Centric Grouping | Yes | Yes | Yes | Yes |
| Workload Centric Grouping | Yes | Yes | Yes | Yes |
| IP Sets | Yes | Yes | Yes | Yes |
| MAC Sets | Yes | Yes | Yes | Yes |
| Policy | ||||
| Simple Policy Language | Yes | Yes | Yes | Yes |
| Policy Previews | Yes | Yes | Yes | Yes |
| Policy Verification | Yes | Yes | Yes | Yes |
| Central Policy Management | Yes | Yes | Yes | Yes |
| DNS, DHCP and IPAM (DDI) | ||||
| IPAM | ||||
| IP Blocks | Yes | Yes | Yes | Yes |
| IP Subnets | Yes | Yes | Yes | Yes |
| IP Pools | Yes | Yes | Yes | Yes |
| DHCP Server | Yes | Yes | Yes | Yes |
| DHCP Relay | Yes | Yes | Yes | Yes |
| DHCP Static Bindings / Fixed Addresses | Yes | Yes | Yes | Yes |
| DNS Relay / DNS Proxy | Yes | Yes | Yes | Yes |
| Meta-Data Proxy | Yes | Yes | Yes | Yes |
| Load Balancing | ||||
| Protocols | ||||
| TCP (L4-L7) | No | No | Yes | Yes |
| UDP | No | No | Yes | Yes |
| HTTP | No | No | Yes | Yes |
| Load Balancing Methods | ||||
| Round Robin | No | No | Yes | Yes |
| Source IP Hash | No | No | Yes | Yes |
| Least Connections | No | No | Yes | Yes |
| L7 Application Rules with RegEx Support | No | No | Yes | Yes |
| Health Checks | ||||
| TCP | No | No | Yes | Yes |
| ICMP | No | No | Yes | Yes |
| UDP | No | No | Yes | Yes |
| HTTP | No | No | Yes | Yes |
| HTTPS | No | No | Yes | Yes |
| Monitoring | ||||
| View VIP / Pool / Server Objects | No | No | Yes | Yes |
| View VIP / Pool / Server Statistics | No | No | Yes | Yes |
| View Global Statistics VIP Sessions | No | No | Yes | Yes |
| Automation | ||||
| Pool Members Based on vCenter Context or IP Addresses | No | No | Yes | Yes |
| Other | ||||
| Connection Throttling | No | No | Yes | Yes |
| High-Availability | No | No | Yes | Yes |
| API Driven Automation | ||||
| REST API | Yes | Yes | Yes | Yes |
| JSON Support | Yes | Yes | Yes | Yes |
| OpenAPI / Swagger Spec | Yes | Yes | Yes | Yes |
| Java SDK | Yes | Yes | Yes | Yes |
| Python SDK | Yes | Yes | Yes | Yes |
| Basic Authentication | Yes | Yes | Yes | Yes |
| Token Authentication | Yes | Yes | Yes | Yes |
| Certificate Authentication | Yes | Yes | Yes | Yes |
| Auto-generated API Documentation | Yes | Yes | Yes | Yes |
| Terraform Provider | Yes | Yes | Yes | Yes |
| Integration with Cloud Management Platforms | ||||
| OpenStack | ||||
| Integration with VMware Integrated OpenStack1 | Yes | Yes | Yes | Yes |
| Integration with RedHat OpenStack Platform3 | Yes | Yes | Yes | Yes |
| Layer 2 Services | ||||
| VLAN Provider Networks | Yes | Yes | Yes | Yes |
| Overlay Provider Networks | Yes | Yes | Yes | Yes |
| Overlay Tenant Networks | Yes | Yes | Yes | Yes |
| Overlapping IP | Yes | Yes | Yes | Yes |
| L2 Overlay / VLAN Bridging | Yes | Yes | Yes | Yes |
| DHCP Server | Yes | Yes | Yes | Yes |
| Layer 3 Services | ||||
| Neutron Router – Centralized | Yes | Yes | Yes | Yes |
| Neutron Router – Distributed | Yes | Yes | Yes | Yes |
| Floating IP Support (NAT) | Yes | Yes | Yes | Yes |
| No Floating IP Support (No-NAT) | Yes | Yes | Yes | Yes |
| Automatic Dynamic routing with Physical Fabric (BGP) | Yes | Yes | Yes | Yes |
| Layer 4+ Services | ||||
| Load Balancing (LBaaS) | No | No | Yes | Yes |
| Security | ||||
| Neutron Security Groups using Stateful Firewall | Yes | Yes | Yes | Yes |
| FWaaS (L3 Stateful Firewall) | Yes | Yes | Yes | Yes |
| Port Security | Yes | Yes | Yes | Yes |
| Miscellaneous | ||||
| Metadata Proxy Service | Yes | Yes | Yes | Yes |
| Admin Utiliy (Consistency Check / Cleanup) | Yes | Yes | Yes | Yes |
| Integration with Active Directory | ||||
| Authentication to Active Directory using vIDM1, 5 | Yes | Yes | Yes | Yes |
| Log Management | ||||
| vRealize Log Insight Integration1, 4 | Yes | Yes | Yes | Yes |
| Splunk Integration2 | Yes | Yes | Yes | Yes |
| Installation | ||||
| Automated Controller Deployment | Yes | Yes | Yes | Yes |
| Manual Controller Deployment | Yes | Yes | Yes | Yes |
| Automated Edge Deployment | Yes | Yes | Yes | Yes |
| Manual Edge Deployment | Yes | Yes | Yes | Yes |
| Automated Host Preparation by Cluster | Yes | Yes | Yes | Yes |
| Operations | ||||
| Port Mirroring | Yes | Yes | Yes | Yes |
| Traceflow | Yes | Yes | Yes | Yes |
| Tunnel Health Monitoring | Yes | Yes | Yes | Yes |
| Port Connectivity Tool | Yes | Yes | Yes | Yes |
| Switch Based IPFIX | Yes | Yes | Yes | Yes |
| LLDP | Yes | Yes | Yes | Yes |
| Automated Technical Support Bundles | Yes | Yes | Yes | Yes |
| Packet Capture | Yes | Yes | Yes | Yes |
| Backup and Restore | Yes | Yes | Yes | Yes |
| Upgrade | ||||
| Upgrade Coordinator | Yes | Yes | Yes | Yes |
Notes:
1 Please refer to the VMware Product Interoperability Matrices for specific versions supported with NSX-T Data Center.
2 Please refer to the NSX-T Data Center release notes for specific versions.
3 Please refer to the NSX Data Center partner web site for specific versions.
4 VMware vRealize Log Insight for NSX provides intelligent log analytics for NSX Data Center. Log Insight provides monitoring and troubleshooting capabilities and customizable dashboards for network virtualization, flow analysis, and alerts. This means you will have an enterprise level Log Insight license for every license of NSX Data Center.
5 VMware Identity Manager – A license to use VMware NSX Data Center includes an entitlement to use the VMware Identity Manager feature, but only for the following functionalities:
- Directory integration functionality of VMware Identity Manager to authenticate users in a user directory
- Conditional access policy.
- Single-sign-on integration functionality with third party Identity providers to allow third party identity providers’ users to single-sign-on into NSX Data Center.
- Two-factor authentication solution through integration with third party systems. VMware Verify, VMware’s multi-factor authentication solution, received as part of VMware Identity Manager, may not be used as part of NSX Data Center.
- Single-sign-on functionality to access VMware products that support single-sign-on capabilities.
Update History
06/11/2018 – Updated article for VMware NSX-T Data Center 2.2.x.
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.
Reference: https://kb.vmware.com/s/article/52462