Monat: April 2022

I collected some best practise how to improve MS Teams performance.

the full article here

I had a call with a customer that shows me in Zoom Session he created DFW Rules automatically with Tufin. Basically a create idea to use at tool that creates the rules for you. (NSX Intelligence is also a good approach). The problem with tufin was that tufin create a seperate Security Group for every VM . That it gives the VM a Tag with the same name like the appropriate Group and set the Group with a Membership criteria with the appropriate Tag. This behavior of Tufin break the configuration maximums of NSX-T 3.2 (4000 Rules per VM). So when the customer has 5000 VMs he has 5000 groups -> Not best practise at all from NSX point of view.

Even Worse Tufin create one per flow which means the total number of firewall rule was in the customers case 250.000 -> no joke. But here comes the best of all in the „applied to“ field of the DFW was always set to „Distributed Firewall“ which means every VM got every Firewall rule. Customer was frustrated about the performance, until we explained him look how much Firewall rules every VM / Host had. There was no doubt we need to recreate the entire Firewall Ruleset with NSX best pratice approved (NSX Intelligence).