vCloud Director – Key Differences in Edge Gateway Services (2 of 2)

vCloud Director – Key Differences in Edge Gateway Services (1 of 2) 

Okay, continuing my comparison to the vCloud Director (vCD) Edge Services UI capabilities.

IPsec/L2 VPN Services – Advantage: Advanced Gateway

Advanced Gateway

  1. Very modular interface similar to NSX that allows me to apply the necessary configurations to bring up a IPsec or L2 VPN tunnel. Remember, this is how we configure an L2 VPN tunnel for vCloud Director Extender!

Standard Gateway

  1. Well, I can set up an IPsec VPN. Nice feature, but no L2 VPN capability.

SSL VPN-Plus Services – Advantage: Advanced Gateway

Advanced Gateway

  1. Comprehensive capability of establishing SSL VPN+ capability inside of the vCD HTML5 UI. From your general settings to creating the installation package, it’s covered.

Standard Gateway

  1. I got nothing, Jim. Not available in the Flex UI for the Standard Gateway.

Miscellaneous Services – Advantage: Advanced Gateway

Standard Gateway

  1. Very basic capability from enabling HA for the edge to configuring IP settings (external, IP Pools, etc).
  2. I see a section for Syslog Server settings, but no way of changing it. This can be done through the API however. Also, no way of changing the admin account password through this interface (that I’m aware of).

Advanced Gateway

  1. As the name states, quite a bit more of available here.
    1. Edge Settings has the ability to enable/disable SSH, change the username/password, and set a login banner along with editing a single syslog server.
    2. We also have Statistics available from a Connections, IPsec VPN, and L2VPN perspective.
    3. Ability to upload/modify certificates from the UI.
    4. Last of all, Grouping Objects – ability to establish groups based on IP Sets, MAC Sets, Services, and Service Groups.
  2. As expected, very comprehensive and gives you a similar look and feel to NSX.

Summary

This should not come to any surprise, but the Advanced Gateway Services provide many more features in a very streamlined interface. For our NSX consumers, it’s very similar to what they see in the vSphere Flash Client today, but cleaner in my opinion.

There’s absolutely nothing wrong with the Standard Edge Services by the way. It’s an NSX Edge under the covers and what we went through here is what the UI presents from the Flex interface.

So why use the Standard Edge in comparison to the Advanced? First off, anything before vCD version 8.20 does not have the Advanced Edge available as it was released then. So if you’re on an older version, upgrade!

Second, there may be a consideration where the provider controls the managed services and provides basic network services. This could be good enough for the operating model and allows the provider to have complete control over the tenant/org environment.

Last of all, if you’re providing self-serviceability and advanced network services, you should be using the Advanced Gateway! I didn’t even discuss the granular Roles Based Access Control (RBAC) where I can present/unpresent specific configurations. For example, we can allow the tenant to manage their VPN tunnels while Routing is not available and controlled by the Provider.

Stay tuned for more updates on vCD, we got a lot of things cookin’. 🙂

-Daniel

 

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: