I am reading up on the new (vCNS) vCloud Network and Security bundles and as a current vShield App customer I am worried. I am currently running multiple 3 host environments using vSphere Enterprise and these environments have vShield App installed on them to help with application isolation etc. As per the vCNS FAQ vSphere Ent Plus IS A REQUIREMENT...... I can understand this as VXLAN which is bundled in does need the vDS BUT I have th following questions/issues.
1. As per the support polices (http://www.vmware.com/support/policies/upgrade.html) if my SnS is valid and up to date I am entitle to the new versions of products BUT to upgrade my vShield App means being forced to go vCNS and thus Ent Plus..! vShield App will not be available as a standalone going forward (October timeframe they say). This policy also states my license key should stay the same. By that reckoning I SHOULD NOT have to upgrade my environment to vSphere Ent Plus. I do not want to use anything but the new vShield App
2. Can VMware confirm then if vShield App 5.0.1 will work on vSphere 5.1 Enterprise?
3. Can VMware confirm if vCNS Standard will work on vSphere 4.1 Ent Plus?
4. What then is the value in keeping SnS if by invoking my free vShield App upgrade I am forced to pay for vSphere Ent Plus, this does not seem fair to me?
I find vShield App very useful in my environment as it helps "lock down" my environments and gives my security teams a warm fuzzy feeling and they have come to love the flexibility of vShield App including the fact they can control the firewall policies.
One last thing if I may.....? Is vShield zones still the "bridge based" firewall like it was is v1 or is this now just a basic version of vShield App standalone?
Thanks
Matt