VMware NSX 6.4 Released New Features and Upgrade

VMware NSX 6.4 Released New Features and Upgrade process reveals some exciting new features and functionality. The is the first HTML5 release for VMware NSX and also contains great new firewall features


  •   The screenshots below, I am simply using the traditional process to upgrade, no Upgrade Coordinator, as I had some quirky things going on with my lab environment that required a more manual approach.
  •   As many others have put it, this feels like a major dot “O” release instead of a minor revision as the slightly incremented version number makes it appear.
  • Controller Disconnected Operation or CDO can now be enabled from the Management tab on the secondary site to avoid interrupting data plane connectivity in a multi-site environment.

VMware NSX is certainly a VMware product that garners much excitement from admins much as other software defined VMware technologies such as VMware vSAN do as well.  VMware has really knocked it out of the park with NSX 6.4.  As many others have put it, this feels like a major dot “O” release instead of a minor revision as the slightly incremented version number makes it appear.  There are many extremely exciting features with this release and NSX’s first release with HTML5 functionality!  Without further ado, let’s take a look at VMware NSX 6.4 Released New Features and Upgrade.

VMware NSX 6.4 Released New Features and Upgrade

As mentioned, this is a massive release of NSX.  Let’s list out a high-level view of the added features and detail some of the new functionality that is contained therein.

  • New Security Services additions:
    • Now includes layer 7 features! New Identity Firewall (IDFW) is able to apply firewall rules based on App ID.   This new functionality is made possible by a new App ID presented in the network traffic flow.  This can include DNS, RDP, SSH, AD, and others.
  • Another very cool feature of the new Identity Firewall is the ability for it to distinguish between different user traffic on the same host. A common use case for this would be securing an RDP/RDSH server that has multiple users logging in and out.  If one user needs a different security policy applied, using the new IDFW, this can be done.  This is made possible by NSX 6.4 and its ability to identify and distinguish between network traffic of different users.
    • This is made possible by the “Guest Introspection” VMware tools component as it allows mapping various users to their respective network flows.
  • New HTML5 vSphere client support.  New with NSX 6.4, HTML5 is support (albeit a very minimal set of functions).  However, this is the release that officially gets HTML5 out there, and we can only imagine every subsequent release will add to this functionality.  Also, the NSX dashboard has now been rewritten in HTML5.  The supported functionality includes:
  • Functional Area NSX Release Release Date Supported Functionality in the vSphere Client
    Dashboard 6.4.0 Jan 2018 Dashboard > Overview
    Dashboard > System Scale
    Upgrade 6.4.0 Jan 2018 All functionality
    Tools: Packet Capture 6.4.0 Jan 2018 All functionality
    Tools: Support Bundle 6.4.0 Jan 2018 All functionality
  • Upgrade Coordinator –  New with NSX 6.4 is the “Upgrade Coordinator” that provides a simplified single pane of glass view to both planning and executing an NSX upgrade.  This includes one-click and custom upgrade plans as well as pre and post upgrade checks.
  • New System Scale dashboard
  • A Central CLI for DLR, logical switch and edge distributed firewall.
  • New Support Bundle to collect a support bundle thorugh the UI with a single click
  • Packet capture tab allows capturing packets through the UI.
  • Controller Disconnected Operation or CDO can now be enabled from the Management tab on the secondary site to avoid interrupting data plane connectivity in a multi-site environment.
  • API improvements – API now includes JSON support.  NSX now offers choosing between JSON or XML for data formats.

Needless to say, this is an exciting release for sure!  You can check out the official release notes here:  https://docs.vmware.com/en/VMware-NSX-for-vSphere/6.4/rn/releasenotes_nsx_vsphere_640.html

VMware NSX 6.4 Upgrade Process

The upgrade process with the traditional method is the same straightforward process of upgrading your NSX Manager, Controllers, Host VIBs, etc.  The screenshots below, I am simply using the traditional process to upgrade, no Upgrade Coordinator, as I had some quirky things going on with my lab environment that required a more manual approach.  However, look for a future post on this very soon.

Login to the NSX Manager and choose the Upgrade button.

Logging into the NSX Manager and beginning the Upgrade process

Choose the upgrade package downloaded from VMware for NSX 6.4.

Choose the downloaded VMware NSX 6.4 upgrade package

Upload the upgrade package file.

Uploading the VMware NSX 6.4 upgrade package

Note, if the upgrade detects that you are affected by the “APIs could fail due to cleanup of API server reference files” issue, it will be noted as below.  Read through the VMware KB for details:  https://kb.vmware.com/kb/2151719.

If your upgrade notes needing to follow VMware KB 2151719 perform those steps before upgrading

You are directed to perform an NSX Manager backup process before proceeding with the upgrade.

You are directed to take a backup of the NSX Manager before performing the upgrade

Below is a quick look at output from performing the steps mentioned in the VMware KB for the failed API cleanup.  I am using Postman below to perform the noted steps.

Running the VMware NSX KB 2151719 steps before upgrading

After running the NSX Manager upgrade, the UI will log you out.  After logging back in, you should see the new version 6.4.0 Build 7564187 and the services will need to start.  They will most likely be in the Starting… state.

VMware NSX Manager upgraded services starting

After a couple of minutes, the service should be in the Running state.

VMware NSX Management Service started after upgrade

At this point, if we go back out to the Networking and Security menu >> Installation >> Management we will see the Upgrade Available designated.

Upgrade now shows available for VMware NSX controllers

After clicking on the Upgrade Available link, confirm the upgrade to the controllers.

Confirming the upgrade to VMware NSX 6.4 Controllers

The upgrade process for the VMware NSX controllers begins.

VMware NSX 6.4 Controller upgrade in progress

The controller(s) will reboot.

VMware NSX 6.4 Controller rebooting after upgrade

Now, we see both the NSX Manager and the Controller nodes correctly displaying the new 6.4 version.

Versions of both the VMware NSX Manager and Controller now showing 6.4

Next, if we navigate over to Host Preparation, we will see the Upgrade available link for upgrading the host VIBs.

Upgrading VMware ESXi host VIBs to VMware NSX 6.4

Next, we confirm the action to upgrade the host VIBs.

Confirming the VMware ESXi cluster upgrade to VMware NSX 6.4

If the hosts are not in maintenance mode, you will see the Not ready error appear.

If hosts are not in maintenance mode the upgrade will show not ready for VMware NSX 6.4 VIB upgrade

Rolling through vMotioning over VMs, from one host to another, you will see the VIBs get updated on the hosts as they are brought into maintenance mode.

After placing a host in maintenance mode the VMware NSX VIB installation will begin

Now, we see the cluster/hosts correctly reflect the new VMware NSX 6.4 version.

After rolling through all hosts by placing in maintenance mode the ugprade to VMware NSX 6.4 VIBs will succeed

An exciting thing to see is the Networking and Security option now in the HTML5 UI web interface!

HTML5 UI will now show the Networking and Security menu

A quick look at the Networking and Security Dashboard.

HTML5 UI will now show the Networking and Security menu

The Upgrade Coordinator, new to VMware NSX 6.4, allows some really great automated/scheduled options related to NSX upgrades.

VMware NSX 6.4 Upgrade Coordinator

The system scale dashboard is a really great addition to NSX as it allows seeing real time statistics on NSX utilizing and capacity. Are you getting close to limits in the NSX infrastructure? The System Scale dashboard will help administrators easily see if they are nearing any limitations.

New VMware NSX 6.4 System Scale Dashboard

Concluding Thoughts

You have most likely seen others make the comment that VMware NSX 6.4 is a major release and it surely is! This feels much like a major revision with all the new features and functionality that has been packed into this release. The new HTML5 support is exciting as this signals the process at least officially to get NSX fully supported in the HTML5 client. This will be one more major integration that will have successfully been ported over to the HTML5 client once the other features are moved over in future releases which will hopefully be soon.  Hopefully you have enjoyed this look at VMware NSX 6.4 Released New Features and Upgrade process.  Look for future posts coming soon exploring more of the new functionality.

Subscribe to VirtualizationHowto via Email 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com and has over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, Brandon has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.