SAN FRANCISCO \u2013 VMware has added new features to its core networking software that will let customers more securely control cloud application traffic running on virtual machines, containers or bare metal.\u00a0\nAt its VMworld event, the company announced a new version of the company\u2019s NSX networking software with support for the cloud-based advanced load balancer technology it recently acquired from Avi Networks.\n\nThe load balancer is included in VMware vRealize Network Insight 5.0 and tied to NSX Intelligence software that lets customers optimize network performance and availability in virtual and physical networks. The load balancer includes a web application firewall and analytics features to help customers securely control and manage traffic.\u00a0\nVMware bought Avi in June with the plan to punch up its data-center network-virtualization capabilities by adding Avi\u2019s load balancing, analytics and application-delivery technology to NSX. Avi\u2019s integration with VMware NSX delivers an application-services fabric that synchronizes with the NSX controller to provide automated, elastic load balancing including real-time analytics for applications deployed in a software-defined network environment. The Avi technology also monitors, scales and reconfigures application services in real time in response to changing performance requirements.\n\u201cThe load balancer uses a modern interface and architecture to deliver and optimize application delivery in a dynamic fashion," said Rohit Mehra, vice president, Network Infrastructure for IDC. "Leveraging inbuilt advanced analytics and monitoring to deliver scale that is much needed for cloud applications and micro-services, the advanced load balancer will essentially be a nice add-on option to VMware\u2019s NSX networking portfolio. While many customers may benefit from its integration into NSX, VMware will likely keep it as an optional add-on, given the vast majority of its networking clients currently use other ADC platforms.\u201d\nNSX-T Data Center software is targeted at organizations looking to support multivendor cloud-native applications, bare-metal workloads, hypervisor environments and the growing hybrid and multi-cloud worlds. The software offers a range of services layer 2 to Layer 7 for workloads running on all types of infrastructure \u2013 virtual machines, containers, physical servers and both private and public clouds. NSX-T is the underpinning technology for VMware\u2019s overarching Virtual Cloud Network portfolio that offers a communications-software layer to connect everything from the data center to cloud and edge.\n\u201cNSX now provides a complete set of networking services offered in software. Customers don\u2019t need dedicated hardware systems to do switching, routing or traffic load balancing as NSX treats VM, container and app traffic all the same from the cloud to data center and network edge,\u201d said Tom Gillis, VMware senior vice president and general manager, networking and security business unit.\u00a0\nNow customers can distribute workloads uniformly across network improving capacity, efficiency and reliability, he said.\nSpeaking at the event, a VMware customer said VMware NSX-T Data Center is helping the company secure workloads at a granular level with micro-segmentation, and to fundamentally re-think network design. "We are looking to develop apps as quickly as possible and use NSX to do automation and move faster,\u201d said Andrew Hrycaj, principal network engineer at IHS Markit \u2013 a business information provider headquartered in London.\nNSX also helps IT manage a common security policy across different platforms, from containers, to the public cloud with AWS and Azure, to on-prem, simplifying operations and helping with regulatory compliance, while fostering a pervasive security strategy, Hrycaj said.\nAt VMworld the company announced version 2.5 of NSX which includes a distributed\u00a0 analytics engine called NSX Intelligence that VMware says will help eliminate blind spots to reduce security risk and accelerate security-incident remediation through visualization and deep insight into every flow across the entire data center.\n\u201cTraditional approaches involve sending extensive packet data and telemetry to multiple disparate centralized engines for analysis, which increase cost, operational complexity, and limit the depth of analytics,\u201d wrote VMware\u2019s Umesh Mahajan, a senior vice president and general manager networking and security in a blog about version 2.5.\n\u201cIn contrast, NSX Intelligence, built natively within the NSX platform, distributes the analytics within the hypervisor on each host, sending back relevant metadata\u2026 [and providing] detailed application--topology visualization, automated security-policy recommendations, continuous monitoring of every flow, and an audit trail of security policies, all built into the NSX management console.\u201d\nIDC\u2019s Mehra said: \u201cThe NSX Intelligence functionality is indeed very interesting, in that it delivers on the emerging need for deeper visibility and analytics capabilities in cloud IT environments. This can then be used either for network and app optimization goals, or in many cases, will facilitate NSX security and policy enforcement via micro-segmentation and other tools. This functionality, built into NSX, runs parallel to vRealize Network Insight, so it will be interesting to see how they mirror, or rather, complement each other,\u201d he said.\nNSX-T 2.5, also introduces a new deployment and operational approach VMware calls Native Cloud Enforced mode.\n\u201cThis mode provides a consistent policy model across the hybrid cloud network and reduces overhead by eliminating the need to install NSX tools in workload VMs in the public cloud,\u201d Mahajan wrote. \u201cThe NSX security policies are translated into the cloud provider\u2019s native security constructs via APIs, enabling common and centralized policy enforcement across clouds.\u201d\nNetworking software vendor Apstra got into the NSX act by announcing it had more deeply integrated the Apstra Operating System (AOS) with NSX.\u00a0\nAOS includes a tighter design and operational interoperability between the underlying physical network and software-defined overlay networks with a solution that liberates customers from being locked into any specific network hardware vendor, said Mansour Karam, CEO and founder of Apstra.\u00a0\nAOS 3.1 adds automation to provide consistent network and security policy for workloads across the physical and virtual\/NSX infrastructure, Apstra said. AOS supports VMware vSphere and allows for automatic remediation of network anomalies. AOS\u2019 intent-based analytics perform regular \u00a0network checks to safeguard configurations between the Apstra managed environment and the vSphere servers are in sync.\nLike other AOS releases, version 3.1 is hardware agnostic and integrated with other networking vendors including Cisco, Arista, Dell and Juniper as well as other vendors such as Microsoft and Cumulus.\nBig Switch also announced that it has extended its Enterprise Virtual Private Cloud (E-VPC) integration to the VMware Cloud Foundation (VCF) and NSX-T. \u00a0 The company's\u00a0 Big Cloud Fabric (BCF) underlay now fully integrates with VMware\u2019s software-defined data center (SDDC) portfolio, including NSX-T, vSphere, VxRail and vSAN, providing unmatched automation, visibility and troubleshooting capabilities.