VMware NSX decouples security functions from the underlying physical infrastructure and embeds them directly into the hypervisor, distributing them across the data center. This fundamental shift in how security is delivered overcomes the shortcomings of legacy architectures. It allows intelligent security policies to travel with virtual workloads, independent of the physical network topology.


NSX Security and Micro-Segmentation

Micro-Segmentation Day 1 Guide

Our new guide helps you plan, design and implement a modern security architecture for the Software-Defined Data Center based on micro-segmentation.

Download the Guide

Hands-on Lab

The Distributed Firewall with Micro-Segmentation lab looks at solutions for collapsing segmented networks, intelligent grouping of servers, and user-based security.

See Lab Details

Use Cases for Security


NSX makes network micro-segmentation feasible for the first time. It enables granular firewalling and security policy enforcement for every workload in the data center, independent of the network topology and complexity.

DMZ Anywhere

NSX enables security and advanced services to be dynamically assigned to workloads independent of the underlying physical network. This dramatically improves time to response, overall security posture, and third-party integration.

Secure End User

Micro-segmentation allows NSX to give each desktop its own perimeter defense and per-App VPN access from mobile devices, eliminating unauthorized access between adjacent workloads.

Success Stories



Armor Shields its Customers from Cyber Threats

NSX provided a virtualized network environment to underpin Armor’s security-as-a-service solution and to fortify its managed cloud.


“NSX and VMware give us that ability to orchestrate our customers in a cloud-like environment, but give them the security wrapper that allows them from day one to be born secure.”

— Jeff Schilling, Chief Security Officer, Armor