Take advantage of a distributed, services-aware firewall to protect your organization’s traffic across private and public clouds, including VMs and containers. With capabilities from L2 to L7 and advanced threat protection, the VMware Service-defined Firewall makes it easy to provide intrinsic security for all traffic — and all workloads — within your network.
Learn How Traditional Firewalls Are Creating Security Compromises
Read the Forrester report on how to effectively protect east-west network traffic.
Leverage the only solution built into the infrastructure that detects and mitigates threats on east-west traffic within the perimeter. From its unique position within the hypervisor, the Service-defined Firewall brings unmatched visibility into both network traffic and app behavior to provide better protection against threats.
Eliminate the security blind-spots that result from numerous discrete solutions and misaligned protection policies. The Service Defined Firewall automatically creates, distributes, moves, and decommissions policies according to each workload’s lifecycle entirely within the infrastructure fabric.
Replace multiple security appliances with built-in, L2-L7 distributed firewalling and workload protection controls to reduce CapEx by up to 60%. Then slash OpEx and radically simplify operations by eliminating the need for complex traffic hair-pinning architectures and associated management overhead.
Easily create, enforce, and automatically adapt macro and micro-segmentation policies between environments, compliance zones, applications, or workloads. Leverage stateful Layer 7 firewall controls including AppID, UserID, WAF and URL whitelisting.More on Micro-segmentation
Get 360 degree visibility into every workload, including roles, metadata, process, and network activity. Visualize application topologies automatically, recommend segmentation policies for enforcement, and link policy lifecycles to workloads.More on Workload Intelligence
Replace discrete appliances with a fully distributed software IDS/IPS solution to easily achieve compliance, create virtual zones and detect lateral threat movement on east-west (E-W) network traffic.More on IDS/IPS
Replace discrete appliances with a distributed software IDS/IPS solution to detect lateral threat movement on E-W traffic & easily achieve compliance.More on NSX Distributed IDS/IPS