VMware NSX Cloud delivers consistent and operationally scalable micro-segmentation security for applications running natively in public clouds, managed alongside data center resources for consistent end-to-end networking and security. NSX Cloud currently supports Microsoft Azure and Amazon AWS public clouds.
NSX Cloud brings networking and security capabilities to endpoints across multiple clouds. By integrating with NSX Data Center, it enables networking and security management across clouds and data center sites.
NSX Cloud provides control over East-West traffic between application workloads running natively in public clouds.
Security groups and rules can be defined based on rich policy constructs, such as instance name, OS type, AMI ID, and user-defined tags.
Security policy is automatically applied and enforced based on instance attributes and user-defined tags. Policies automatically follow instances when they are moved within and across clouds.
You can quarantine rogue and compromised workloads running in the public cloud that lack micro-segmentation security. Quarantined instances are prevented from communicating on the cloud network.
A distributed firewalling architecture eliminates additional network hops and traffic because policies are enforced at the virtual network interface of each instance, rather than routed through an external firewall.
Stateful firewalling filters North-South traffic flowing between instances in virtual networks and the public Internet.
A RESTful API and automation tools help you programmatically provision and configure networking and security infrastructure on demand.
Use existing automation and orchestration tools to create standardized application templates, and simplify provisioning and management of networking and security services across public clouds.
Use existing Day 2 operations tools to gain visibility into East-West traffic within and across virtual private clouds.
Gain real-time visibility and auditing of security events such as allows/denies and quarantine incidents. Send security event information to a Syslog or SIEM server.
Define a security policy once and apply it to workloads anywhere – across virtual networks, regions, availability zones, and multiple private data centers and public clouds.
Control cloud networking topologies, traffic flows, IP addressing, and protocols used within and across multiple public clouds.
NSX Cloud provides standard interfaces and APIs to plug into your existing operations tools to enable deep, end-to-end visibility for monitoring, troubleshooting and auditing across data centers and clouds.