Hybrid Cloud Networking & Security Across Private and Native Public Clouds

 

VMware NSX Cloud provides single-pane-of-glass visibility, rich networking capabilities, consistent security policy, and granular, operationally scalable micro-segmentation across the hybrid cloud network. NSX Cloud currently supports the Microsoft Azure and Amazon AWS public clouds.

NSX Cloud Overview

Learn how NSX Cloud delivers enterprise-class capabilities and operational efficiencies to applications running natively in public clouds.

The Premier Networking Event

Join your peers and industry experts at FUTURE:NET 2019 as we set the new coordinates.

BENEFITS 

Deployment Flexibility

NSX Cloud can be deployed in two different modes based on preference. Manage the security posture and networking of public cloud workloads using NSX constructs (Agented) or native public cloud constructs (Agentless).

Consistent Security Across Clouds

Define a security policy once and apply it to workloads anywhere – across virtual networks, regions, availability zones, and multiple private data centers and public clouds.

Precise Control Over Cloud Networking

Control cloud networking topologies, traffic flows, IP addressing, and protocols used within and across multiple public clouds.

End-to-End Operational Control and Visibility

NSX Cloud provides standard interfaces and APIs to plug into your existing operations tools to enable deep, end-to-end visibility for monitoring, troubleshooting and auditing across data centers and clouds.

Single Pane of Glass Visibility

NSX Cloud provides a complete inventory view across all accounts, regions, subscriptions, VPCs, and VNets and operational status of every VM to enable quicker troubleshooting.

FEATURES

NSX Enforced Mode (Agented)

Consistent security and networking policy enforcement across on-premises and native public cloud workloads using NSX tools.

Cloud Enforced Mode (Agentless)

Consistent security and networking policy enforcement across on-premises and native public cloud workloads using the public cloud provider’s security and networking constructs.

Discovery and Protection of Native Public Cloud Service Endpoints

In addition to VMs and EC2 instances, NSX Cloud enables discovery and protection of native public cloud service endpoints.

Multi-Cloud, Multi-Site Networking and Security

NSX Cloud brings networking and security capabilities to endpoints across multiple clouds. By integrating with NSX Data Center, it enables networking and security management across clouds and data center sites.

Micro-Segmentation

NSX Cloud provides granular control over East-West traffic between application workloads running natively in public clouds and in the on-premises data center. NSX Cloud also enables micro-segmentation of virtual desktops that are deployed by VMware Horizon Cloud.

Rich Abstraction for Security Policy Definition

Security groups and rules can be defined based on rich policy constructs, such as instance name, OS type, AMI ID, and user-defined tags.

Security Groups

Security groups and rules can be defined based on rich policy constructs, such as instance name, OS type, AMI ID, and user-defined tags.

Multiple Layers of Security – Quarantine Instances

With the default quarantine feature turned on, rogue and compromised workloads are moved to the public cloud’s quarantine group, which prevents them from communicating with the rest of the network and thereby provides multiple layers of security.

Dynamic Policy

Security policy is automatically applied and enforced based on instance attributes and user-defined tags. Policies automatically follow instances when they are moved within and across clouds.

Service Insertion

Selectively route North-South traffic to a third-party NGFW partner appliance using policy-based routing.

Site-to-Site VPN

Built-in VPN support to encrypt traffic between on-premises environments and the public cloud.

Distributed Architecture

A distributed firewalling architecture eliminates additional network hops and traffic because policies are enforced at the virtual network interface of each instance, rather than routed through an external firewall.

Shared Gateway in Transit VPC/VNet

Gateway consolidation in transit VPCs/VNets results in simpler administration and faster onboarding of compute VPCs/VNets, and enables selective routing of traffic for service insertion via third-party appliances.

Edge Firewalling

Stateful firewalling filters North-South traffic flowing between instances in virtual networks and the public Internet.

RESTful API

RESTful API and automation tools help to programmatically provision and configure networking and security infrastructure on demand.

Templating

Use existing automation and orchestration tools to create standardized application templates, and simplify provisioning and management of networking and security services across public clouds.

Traffic Visibility with any SIEM tool

Use any existing Day 2 operations tool to gain real-time visibility into traffic flows and firewall logs within and across virtual private clouds.

News and Highlights

NSX Cloud in Azure Marketplace

The only way to run NSX in Azure public cloud.

NSX Cloud 2.3 - Support for AWS

Free visibility into public cloud workloads and more.

Single Security Policy for Hybrid Cloud Deployments Demo

NSX Cloud can help extend your security policies from on-prem to AWS and Azure.

NSX Cloud Now in AWS Solution Space

The VMware networking and security solution for AWS-native applications and hybrid cloud.

What’s New for Cloud in NSX-T 2.4?

The latest wave of NSX Cloud capabilities.

NSX Cloud for EC2 on AWS Outposts

The latest step forward in the march of the hybrid cloud.