Step Up to A Distributed IDS/IPS Solution


Enable your security team to respond faster and more effectively to threats across your data centers by leveraging NSX Service-defined Firewall with Advanced Threat Prevention (ATP). ATP includes a comprehensive set of threat detection and prevention capabilities, including IDS/IPS. Leverage the unique distributed architecture and precise application context of NSX Distributed IDS/IPS to replace discrete appliances and achieve regulatory compliance.

An Overview of NSX Distributed IDS/IPS

Learn why NSX Distributed IDS/IPS is different from — and superior to — traditional appliance — based IDS/IPS.

Watch Now (2:33) 

Distributed IDS/IPS Solution Brief

Discover how IDS/IPS breaks traditional security trade offs between breadth of security coverage and operational complexity.

Download Solution Brief 

Benefits of IDS/IPS

Gain Elastic Throughput

Scale inspection capacity automatically and eliminate hardware bottlenecks with IDS/IPS functionality built-in to each workload.

Simplify Your Network Architecture

Reduce network congestion and simplify network design by eliminating the need to hair-pin traffic to centralized appliances.

Reduce False Positives

Achieve more zero-false-positive workloads with curated rulesets and higher-fidelity signature matches based on precise application context.

Improve Utilization of Compute Capacity

Re-use existing stranded compute capacity and eliminate the need for dedicated appliances.

How VMware IDS/IPS is Different

Distributed analysis to eliminate blind spots

Curated, context-based signature distribution

Threat detection based on application context

Policy and state mobility for each workload

Spotlight on IDS/IPS  

IDS/IPS in the Data Center

Video Play Icon

IDS/IPS in the Data Center

IDS/IPS in the Data Center operate under different constraints than traditional IDS/IPS. View the lightboard video to understand why.

Knock, Knock: Is This Security Thing Working?

SANS discusses the Intrinsic Security approach. Read the white paper to understand why current security solutions don’t work and how to tackle the problem proactively.

Read White Paper

To Enable Zero Trust, Rethink Your Firewall Strategy

Forrester examines how built-in, application-centric security can effectively protect east-west traffic. 

Read the Paper

Take Advantage of VMware NSX Distributed IDS/IPS

NSX Distributed IDS/IPS is available now. Check out the blog post on virtual patching with distributed IDS/IPS.

Read the Blog

What Are the Key Use Cases for NSX Distributed IDS/IPS?

Easily Achieve Regulatory Compliance

Simply turn-on traffic inspection with a software-driven deployment model without needing to buy expensive appliances.

Virtualize Security Zones

Create and customize multiple virtual security zones for internal teams and partners without requiring physical separation of network.

Replace Discrete Appliances

Leverage native IDS/IPS capabilities within NSX to replace traditional IDS/IPS appliances, including standalone, firewall-based, or virtual host-based.

Virtually Patch Vulnerabilities

Enable wide-spread use of virtual patching for all workloads in the data center.

Related Products

Upgrade to a Scale-out Internal Firewall

Secure east-west traffic with a purpose-built internal firewall, built-in to the hypervisor and distributed at every host.

More on Service-defined Firewall 

Deploy Advanced Threat Prevention

Inspect all network traffic and obtain the industry’s highest fidelity insights into advanced threats.

More on Advanced Threat Prevention 

Rely on Advanced Threat Analysis

Gain complete visibility into advanced malware with a unique isolation and inspection environment that speeds security responses.

More on NSX Advanced Threat Analyzer  

Automatically Stop Advanced Threats

Protect your north-south, east-west, and cloud traffic with a platform designed to detect and stop advanced threats before they cause significant disruption.

More on Network Detection and Response