Rely on a distributed, L2-L7 firewall to secure east-west traffic via streamlined, intrinsic application protection. Leverage deep visibility into workload behavior and stateful protection as you mitigate risk, ensure compliance, and lower costs while vastly simplifying the operational model of firewalling every workload.
Understand Why Enterprises Are Securing East-West Network Traffic
Read the Forrester thought leadership paper on enabling zero trust with a new firewall strategy.
Leverage the only solution built into the infrastructure that detects and mitigates threats on east-west traffic within the perimeter. From its unique position within the hypervisor, Service-defined Firewall brings unmatched visibility into both network traffic and app behavior to provide better protection against threats.
Eliminate the security blind-spots that result from numerous discrete solutions and misaligned protection policies. Entirely within the infrastructure fabric, Service-defined Firewall automatically creates, distributes, moves, and decommissions policies according to each workload’s lifecycle.
Replace multiple security appliances with built-in, L2-L7 distributed firewalling and workload protection controls to reduce CapEx by up to 60%. Then slash OpEx and radically simplify operations by eliminating the need for complex traffic hair-pinning architectures and associated management overhead.
Easily create, enforce, and automatically adapt macro and micro-segmentation policies between environments, compliance zones, applications, or even workloads. Leverage stateful Layer 7 firewall controls including AppID, UserID, WAF and URL whitelisting.More on Micro-segmentation
Get 360 degree visibility into every workload, including roles, metadata, process, and network activity. Visualize application topologies, automatically recommend segmentation policies for enforcement, and link policy lifecycles to workloads.More on Workload Intelligence
Replace discrete appliances with a fully distributed software IDS/IPS solution to easily achieve compliance, create virtual zones, and detect lateral threat movement on east-west (E-W) network traffic.More on IDS/IPS
Replace discrete appliances with a distributed software IDS/IPS solution to detect lateral threat movement on E-W traffic & easily achieve compliance.More on NSX Distributed IDS/IPS