Update: I had previously said that the Essentials license required some level of support but as Gary noted in the comments that is not the case. If you don’t want or need support it is not required and you can run Essential Edition for free. NICE!
Big news today from Cisco! They announced the newest version of the Nexus 1000v, 2.1, and a new pricing model. Note that v2.1 is not out yet and that it’s currently in beta but I hear it should ship in about a month. First, pricing model…
The Nexus 1000v product line is going to be split in to two versions, Essentials and Advanced. The first big news is that Essentials is free..well..licenses are free but they do require some form of a support agreement which hasn’t been released yet. Even with that the $695/socket license is gone. The Advanced version includes more features and still retains the $695/socket license.
Here is a quick image I borrowed from Cisco showing the feature differences:
The Essentials version retains a lot of the “core functionality” that many people want and meets the needs of many.
- VLAN, ACL, & QoS support – Basic layer 2 functions required for the N1Kv operation along with ACL support and more robust QoS
- VXLAN – While not surprising this made the Essentials cut, given inclusion in vSphere 5.1, I was glad to see it here
- LACP – More robust LACP support than what you get with vSphere 5.1
- Multicast, Netflow, & ERSPAN – On par or better than what is included in the vSphere 5.1 VDS
- Management – Managed just like a Cisco Nexus switch
- vTracker – New in v2.1. Offers VM-level & host-level visibility to network administrator added visibility into virtual and physical networks (such as VM name and vMotion events).
- vCenter Plug-in – New in v2.1. Not the standard plug-in for connectivity to vCenter but a new way to view the virtual network.
Bottom line here…. VMware has up’d the bar with the VDS in vSphere 5.1 and added many “basic” features such as ERSPAN, better Netflow support, basic LACP support, and VXLAN. There are orgs out there that went to the N1Kv for just these features and they were looking very hard at the VDS. Good move by Cisco to make this free. If customers have more basic needs they can use Essentials or they can dip their toe in to the N1Kv waters without a licensing expense.
Advanced adds more features. The big news here is the inclusion of VSG (Virtual Security Gateway). That’s big. It shows how that space is quickly heating up along side VMware’s retooling of vShield/vCNS.
- Cisco TrustSec – Adds TrustSec support for virtual machines. And if you aren’t sure what TrustSec is, from Cisco: Extends Cisco TrustSec security solutions for network-based segmentation of users and physical workloads to now virtual workloads connected to Nexus 1000V, leveraging Security Group Tag (SGT) for defining security segments.
- DHCP Snooping, ARP Inspection, IP Source Guard – Features we’ve had for a while, just moved to Advanced. Often used in VDI environments.
- VSG – Cisco’s multitenant zone-based security policy offering.
From what I’ve seen the adoption of VSG has been lighter than what Cisco had hoped so while not a complete shock that it was included in the Advanced version…it’s still a really good deal. My big question is….with the announcement that the N1Kv would be included in VMware’s new vCloud Suite offerings, which one do you get?
Mixed in with these new licensing changes is a new release, v2.1. New features include:
- Support for Cisco TrustSec — Extends Cisco TrustSec security solutions for network-based segmentation of users and physical workloads to now virtual workloads connected to Nexus 1000V, leveraging Security Group Tag (SGT) for defining security segments. (Available only in the Advanced Edition)
- vCenter Plug-in – Provides a holistic view to server administrator of the virtual network from within VMware vCenter
- vTracker – Offers VM-level & host-level visibility to network administrator added visibility into virtual and physical networks (such as VM name and vMotion events)
- Cross Data Center High-availability – You can now split the Primary and Standby VSMs between two active datacenters for true multi-site redundancy
- Enhanced Installer App – The N1Kv installer has gone through constant evolution and it continues to evolve with a “single pane” installer
- Simplified upgrade process – Allows flexibility to schedule upgrades on a per-host basis, thus enabling incremental upgrades even during short maintenance windows. Anything that they do to help smooth out N1Kv upgrades is a good thing…very much welcomed.
The N1Kv has been an interesting product. We have seen people embrace it…and we have seen people regret it. Often that regret is tied to the organizational structure and the wrong groups owning support. But Cisco has done a very good job of evolving the product and offering many compelling and innovative features while also easing the pain of deployment, management, and upgrades.
Interesting timing with v2.1, too. My TrainSignal course on the Nexus 1000v just shipped. Maybe I’ll do a v2.1 update lesson showing the new features! Hard to keep up….