What’s New with VMware Cloud on AWS GovCloud (US): April 2021

VMware Cloud on AWS GovCloud (US) has announced several updates over the last few quarters. VMware has been operating this service successfully for the last 15 months in AWS GovCloud (US-West) region – with Federal, Defense, State, and Local Government customers deploying hybrid cloud topologies and extending their data centers to the public cloud. Today we are pleased to announce several exciting updates to VMware Cloud on AWS GovCloud (US). The new networking and security enhancements will improve network performance, scalability of firewalls, and introduce new configuration options.

Increased Network Performance and Configuration Options

Fast network performance and rich network configuration topologies ensure that business-critical applications meet their user requirements.  In this release, VMware Cloud on AWS GovCloud (US) has almost doubled TCP and UDP network throughput for in, out, and within SDDC traffic for the i3en hosts over the i3 hosts.  Moreover, new custom DHCP profiles are available to configure the DHCP server in gateway (for all segments), local (for individual segment), or relay mode.  In addition, each network segment now has a fine-grained statistic including counters for packets transmitted, received, and dropped; new profiles assignable at segment creation time that include an option to bind to DHCP addresses; and the ability to view all related groups referencing individual segments.  Finally, VPN tunnels now support TCP MSS Clamping on Policy-based and Route-based VPNs that permits setting of a maximum segment size for IPSec traffic to avoid fragmentation.

Increased Firewall Scale and Configuration Options

Security is paramount to public sector agencies and private sector customers in highly regulated industries.  VMware Cloud on AWS GovCloud (US) NSX Distributed Firewall (DFW) now supports up to 40,000 firewall rules across all sections; 12,000 security groups; 1,800 VMs per security group per SDDC. Moreover, the DFW now provides the options to schedule enforcement of specific rules for specific time intervals.  In addition, customers can now take advantage of advanced search and filtering capability for firewall rules using many criteria including rule ID, rule name, group membership, source and destination IP address, protocol, service, action, and rule status.  Finally, the DFW now gives customers the ability to view firewall rule IDs directly in the console.  The same advanced search, filtering, and rule visibility options have been added to the traditional NSX firewall.

Availability

To view the latest status of features for VMware Cloud on AWS, visit: https://cloud.vmware.com/govcloud/roadmap . Refer to the release notes: https://docs.vmware.com/en/VMware-Cloud-on-AWS-GovCloud-(US)/services/rn/VMware-Cloud-on-AWS-GovCloud-US.html for the latest  updates.

The following capabilities are available today:

Improved network performance with higher network throughput, increased Scale Attributes for NSX Distributed Firewall (DFW) , advanced search and filtering capability in the UI with Firewall, supporting MSS Clamping Policy-based/ Route-based VPN, and enhancement in network segments.

Learn More

For more information about VMware Cloud on AWS GovCloud (US), pricing, and to get started please visit cloud.vmware.com/govcloud or contact your VMware or AWS sales team.

Resources

Posted by Editor