Protect rising east-west traffic with NSX Service-defined Firewall. Gain superior protection with an easy-to-deploy, purpose-built firewall that secures data center traffic across all your workloads.
Get complete coverage with up to 20Tbps firewalling per SDDC.
Lower CapEx relative to traditional firewall appliances.
Lower OpEx, with no network changes and automated policies.
Attackers are increasingly focused on finding and exploiting vulnerabilities in your network, making east-west traffic the new battleground. The VMware NSX Service-defined Firewall makes it difficult for malicious actors to stay in your network. Its distributed architecture, delivered in software, includes a full-stack, scale-out internal firewall and advanced threat prevention. This enables zero trust security for your software-defined data center that’s easy to deploy and automates policy, while reducing overall costs.
Gain visibility into traffic and easily create network segmentation by defining them entirely in software — no need to change your network or hairpin traffic by deploying discrete appliances.
Detect and prevent malicious traffic with distributed IDS/IPS at every workload, allowing you to reduce workload significantly by applying virtual patching to vulnerable workloads.
Easily create, enforce, and manage micro-segmentation policies with deep visibility and comprehensive policy controls.
Leverage multiple advanced threat prevention techniques to detect intrusion attempts and malicious behavior from known and unknown malware and block threats from moving laterally across your network.
Radically simplify firewall deployment and operations by eliminating changes to the network and avoiding traffic hairpinning. Replace multiple appliance-based solutions with a per-workload stateful L7 firewall that’s delivered in software, reducing CapEx by up to 75%.
Leverage the only stateful L7 firewall built into the infrastructure that prevents lateral movement of attacks. Deployed into the hypervisor, NSX Service-defined Firewall enjoys unmatched visibility into network and unrivaled workload context to identify and block threats, while remaining isolated from the attack surface.
Speed your network operations by enabling a true public cloud security experience in your private cloud. Deliver “security as code” with an API-driven, object-based policy model that delivers policy recommendations, automates policy mobility and ensures new workloads automatically receive appropriate security policies.
Achieve agile security via consistent firewall policies across multiple environments. Regardless of where your workload lives or moves, your virtualized, containerized and physical workloads will maintain their security policies. Write your policy once, and automatically enforce it everywhere.