agree that VSX was not something that was benefitial for MSP environments. Basically we were going towards gateways running under vmware ESXi which allows for better snapshot of member (upgrades/rollbacks; etc); treats each cluster as 'normal' (adding routing, local configs) and much better utilization of physical host resources under esxi than w/ vsx. Another benefit is when doing a bunch of BCDR's were you are building an environment remotely it's less work to build the DR environment for a single client. Am interested to re-review vsnext to see how it changes (as well as with broadcom buying vmware, as going to say xcp-ng opposed to esxi has another impact).
@MagnusHolmberg-NetSec6 ай бұрын
Really depend on the user case, we used alot of vsx but also some cloudguard more or less to dedicate performance/allow for special thing and dedicated service windows. Cloudguard can be run or more hypervisors than VMware so it may still be a valid design. Easy to calculate cost per customer with cloudguard also.
@stevekristoff43656 ай бұрын
@@MagnusHolmberg-NetSec yeah, these are mainly on-prem only solutions so cloudguard isn't used. Also we have a heavy vmware deployment already being a MSP as we have many virtualized services that we provide to clients (and have many virtualized offerings to clients). There are some smaller (soho type) remote offices that some clients have that are good candidates for cloudguard but most of those clients are still using ASA's as they're just more cost effective to them even though the security isn't the same.
@MagnusHolmberg-NetSec6 ай бұрын
@@stevekristoff4365 cloudguard is the new name for vsec no problem to run onprem (easy to scale) Sadly only subscription based licenses now. Before you could buy them perpetual. Hehe iknow the feeling, migrated 300 Cisco asa context during the last 2-3 years 😂