Showing results for 
Search instead for 
Did you mean: 

Ask the Expert: DeepDive Cisco Nexus 1000V Series Switches

Community Manager
Community Manager

Cisco Support COmmunity Expert Webcast Series DEEP DIVE in-depth

Based from the Deep-Dive series webcast, Cisco Expert Vishal Mehta will be available for an Ask the Expert discussion focused on the advantages of Nexus 1000v Solution across spectrum of technologies and how it can be leveraged to enhance your Data Center Virtual Infrastructure to meet the next-generation goals.

Ask your Questions from February 12 through March 4, 2015

Vishal Mehta is a Technical Marketing Engineer with Cisco's Data Center Competitive Insights Team based in San Jose, California. Previously he was working as the customer support engineer for Cisco’s Data Center Server Virtualization Technical Assistance Center (TAC) team for the past 3 years with a primary focus on data center technologies such as Cisco Nexus® 5000, Cisco UCS, Cisco Nexus 1000V, and virtualization. He presented at Cisco Live in Orlando 2013, Milan 2014, and San Francisco 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in Electrical and Computer Engineering and has CCIE® certification (# 37139) in Routing/Switching, Service Provider & Data Center


Part 1: Conquered Territory: Multi-Hypervisor – February 12, 2015
This session will discuss and compare about Nexus 1000v deployments on VMware, Hyper-V and Openstack-KVM hypervisors.


Part 2: Meet the 1000v Family: The Secret of Unity – February 17, 2015
This session will discuss vPath: The Secret behind uniting Virtual Network Services provided by ASA 1000v, VSG, vWAAS, Nexus 1000v, vNAM.


Part 3: Game Changer: Silver Lining in the Cloud – February 24, 2015
The core of this session will go through Nexus 1000v capabilities in ACI and ICF.

Find other

**Ratings Encourage Participation! **
Please be sure to rate the Answers to Questions

41 Replies 41


How is ASAv different that Physical ASA?

Hello Lisa,


Both Physical ASA and Virtual ASA are Layer 3 edge firewall providing traditional filtering capabilities between different subnets.

However ASAv does not have all the capabilities that exists in Physical ASA. 

for example: 

ASAv does not have DMZ interfaces and cannot have sub-interfaces.
Also the protected VMs needs to in same subnet as inside interface and cannot be L3 hop away in comparison with Physical ASA

ASAv is targeted for virtual workloads on tenant-basis (smaller-scale) so that traffic does not need to traverse all the way in core to reach Physical ASA for getting firewall services



Jessica Deaken

hi there.. I'd like to know that since VSG and ASAv are both firewalls, how is traffic protected by both?


Hello Jessica,

Both ASAv and VSG are used in conjunction to provide over firewall security.


VSG provides intra-vlan (i.e. east-west traffic) security at L2 

ASAv provides inter-vlan (i.e. north-south traffic) security at edge (L3).


So using vPath service-chaining we can leverage both firewalls.




Jackson Braddock

Does PNSC integrate with other Prime Modules (ie Infrastructure)?

Hi Jackson,


PNSC can integrate with all Virtual Service Nodes (VSNs) such as VSG, ASAv, VSM, vNAM, vWAAS, CSRv, Netscaler.

PNSC integrates with Virtual Machine Managers like vCenter and SCVMM 

It can also integrate with VACS, UCS-Director, ICF-Director for cloud provisions

It exposes North-bound API to integrate with 3rd party and orchestration tools




Marcelo Vieira

Hey Vishal..

What type of communication happens on PNSC with other components?

Hello Marcelo,


PNSC is in control plane with all virtual components.

Using policy-agent (communication application running across these components), PNSC can push new/modified configurations, policies to the components; also retrieve state information from the components; get VM attributes from Virtual-Manager and so on...

With aid of policy-agent, PNSC acts as communication channel across all components to make sure the policies remain in-tact.




Emanuel Diaz

How do I migrate VSM from using VM to VSB on Nexus 1110?

Hello Emanuel,

Detailed guidelines with configuration steps to migrate VSM as VM to as VSB is specified at below guide:

If you have any doubts on above migration steps, please let me know.



Emanuel Diaz

Also, is there a good video demo available which explains/shows the deployment/configuration steps of nexus 1000v on the nexus 1110 appliance ?

Does HA functionality has preempt feature in VSG/ASAv ?

Hi Christopher,

VSG or ASAv HA functionality does not have preempt feature (like that of HSRP).

Thanks,  Vishal

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: