← Back to Engineering Blog
πŸ—“οΈ Aug 25, 2019 ⏱️ 1 min read

Debugging Flow Telemetry: Using vRealize Network Insight (vRNI)

How we used vRealize Network Insight (vRNI) for 360-degree flow visibility, day-2 operations, and microsegmentation planning.

πŸŽ™οΈ Listen to Article READY
AI Audio Synthesis Narrator
Share Post:

β€œBefore deploying a zero-trust Distributed Firewall policy, you must map every flow. Blindly applying default-deny without flow visibility will crash production.”

At IBM, we used vRealize Network Insight (vRNI) to map microsegmentation rules before enforcing zero-trust firewall policies across customer SDDC deployments.


Flow Capture & Analysis

vRNI ingests NetFlow/IPFIX from virtual switches, firewall syslogs, and BGP routing tables from physical switches.

# # vRNI Search Query for East-West Unfiltered Traffic
flows where firewall Action = 'ALLOWED' and Source Security Group = 'App-Tier' and Destination Security Group = 'DB-Tier'

[!IMPORTANT] Always run flow analysis for a minimum of 30 days prior to enforcing DFW rules to capture monthly batch jobs and backup cycles.


The Verdict

Key Takeaway

Never Deploy Zero Trust Without Flow Visibility.

Use tools like vRealize Network Insight (Network Detection & Response) to map application dependencies before turning on default-deny rules.

SKS

Sachin Kumar Sharma

Associate Director (Infrastructure & Cloud Architecture Strategy) | 20+ Yrs Exp

Architecting resilient multi-cloud enterprise landing zones, SDN overlay fabrics, DevSecFinOps automation pipelines, and autonomous Agentic AI platforms.