Risk Management and Compliance Solutions
VMware risk and compliance solutions enable consistent security operations across data center, cloud, and edge locations to protect applications and data wherever they live.
Gain visibility across application infrastructure and data center endpoints, enabling validation of configuration and real-time state against regulatory controls.
Simplify security with security controls architected directly into the hypervisor.
Lower the scope of compliance and cut down overall audit durations by isolating the systems that store, process, or transmit sensitive data.
NSX Data Center can be configured to operate in FIPS compliant mode with FIPS 140-2 validated cryptographic modules. A FIPS compliance report helps configure and operate NSX deployments securely while adhering to prescribed FIPS standards. See NSX-T Data Center Compliance-Based Configuration for the list of cryptographic modules used in NSX-T Data Center that are validated for FIPS 140-2.
NSX Data Center for vSphere 6.3.0 has been tested for compliance with the EAL2+ level of assurance. Running a Common Criteria-compliant NSX Data Center installation requires that you configure NSX Data Center as explained in the document Configuring NSX for Common Criteria as part of the NSX Data Center Administration Guide.
This is an industry-wide accepted standard certification which tests and certifies products including anti-virus, firewall, IPSec VPN, cryptography, SSL VPN, network IPS, anti-spyware, and PC firewall products. Both NSX Data Center for vSphere Distributed Firewall and Edge Firewall are certified against ICSA Corporate Firewall criteria.
Other standards such as NIST 800-53, IRS 1075, and MARS-E are mostly related to processes, procedures, or policies with Access Control/RBAC and Auditing being the applicable sections to NSX Data Center. For specific product details, refer to: VMware Product Applicability for PCI DSS.