Enhance Your Data Center Firewall with Advanced Threat Prevention


Powered by machine learning, VMware’s Advanced Threat Prevention (ATP) offering for the NSX Service-defined Firewall delivers network traffic analysis, intrusion detection and prevention, and advance malware analysis with comprehensive network detection and response capabilities. The solution is purpose-built to protect data center traffic with the industry’s highest fidelity insights into advanced threats.

Explore the Service-defined Firewall

Protect your data center with a next-gen internal firewall that includes stateful layer 7 access controls and advanced threat prevention.

Download Datasheet 

Learn about Distributed Internal Firewalls

Read the Internal Firewalls for Dummies eBook to understand the different types of network traffic and the firewalls that have evolved to protect them.

Get the eBook 

Benefits of NSX Advanced Threat Prevention

Get Threat Visibility Everywhere

Inspect all internal data center traffic for threats with deep visibility that leverages multiple threat detection techniques simultaneously.

Protect Against Advanced Malware

Leverage Advanced Threat Prevention to detect malware that’s been engineered to evade standard security tools.

Focus on the Real Threats

Reduce false positives — by up to 90 percent. Improving the accuracy of your alerts and enable your security teams to focus on a small set of actual intrusions.

Evolve to Proactive Threat Hunting

Move beyond merely reacting to alerts. Proactively hunt for emerging threats to your network before they impact the business.

Key Capabilities of VMware NSX Advanced Threat Prevention

Detect known threats in all east-west traffic using curated signatures based on precise application context.

Find malicious content traversing your network via hardware emulation and supervised machine learning models.

Uncover anomalous activity and malicious behavior across your network using supervised and unsupervised machine learning.

Filter large amounts of network data and events via a correlation engine to eliminate false positives and zero in on a smaller set of real intrusions.

Spotlight on Advanced Threat Prevention 

Video Play Icon

Operationalizing Advanced East-West Security at Scale in the Data Center

VMware is pioneering a new distributed approach to data center security through granular enforcement of virtual patching and blocking the lateral movement of threats.


Get a Technical Overview of IDS/IPS

NSX Distributed IDS/IPS is different from — and superior to — traditional appliance-based IDS/IPS. View the lightboard video to understand why.

Watch Video

Five Cyber Attacks You Would Miss without AI

Explore the ways different combinations of AI can detect and prevent some of the most challenging cyber attacks.

Read the Paper

How Machine Learning and AI Fit into Information Security

Address machine learning and artificial intelligence challenges in the context of securing your data center.

Read the Blog Post

Related Products

Upgrade to a Scale-out Internal Firewall

Secure east-west traffic with a purpose-built internal firewall, built-in to the hypervisor and distributed at every host.

More on Service-defined Firewall 

Automatically Stop Advanced Threats

Protect your north-south, east-west, and cloud traffic with a platform designed to detect and stop advanced threats before they cause significant disruption.

More on Network Detection and Response 

Rely on Advanced Threat Analysis

Gain complete visibility into advanced malware behavior with a unique full-system emulation-based network sandbox that detects malware more accurately.

More on Advanced Threat Analyzer 

Get Advanced Threat Detection with IDS/IPS

Replace discrete appliances with a distributed software IDS/IPS solution to detect lateral threat movement on east-west traffic and easily achieve compliance.

More on Distributed IDS/IPS