Protect your Network with Context-Aware Micro-Segmentation


VMware NSX Data Center delivers consistent, automatable network security to workloads no matter where they live -- from the data center, to the cloud, to the edge. With NSX Data Center, network security policies can be defined based on application contexts and enforced on every individual workload, without the need to touch the physical network.


Learn about NSX security and micro-segmentation.

Empowering Zero Trust Security Through Network Virtualization and Micro-Segmentation


Security by Default

NSX Data Center enables automated security provisioning so that as new compute resources are created they are secured by default, from the moment they are spun up to the moment they are deprecated.

Application-Centric Security

Network security policies shouldn’t be limited to IP address and MAC. NSX Data Center allows security policies to be defined based on application, user, and workload contexts. Network security teams have more flexibility to design policies that are resilient in the face of ever-changing applications.

Granular Visibility and Control

NSX Data Center provides insight into network traffic flow between and within applications. It automatically suggests security groups and policies for achieving micro-segmentation. Implementing these policies is only a few mouse clicks away.


Micro-Segment Critical Applications

NSX Data Center makes network micro-segmentation feasible for the first time. Security policies are enforced at the individual workload level, which enables the segmentation of workloads that live on the same physical host without having to hairpin traffic out through an external physical or virtual firewall.

Dynamically Insert Third-Party Security Services

NSX Data Center allows for the insertion of advanced third-party security services into a given micro-segment. Rather than routing all network traffic through a physical device or virtual appliance, such as an NGFW or IDS/IPS, NSX Data Center can dynamically steer specific traffic at the virtual network layer.

Agentless Anti-Virus with Guest Introspection

Installing and managing AV agents on workloads in the data center is tedious and error-prone. NSX Data Center leverages guest introspection to offload AV agents from the workload to the hypervisor, improving workload efficiency and simplifying AV management without sacrificing protection.

Secure Virtual Desktop Infrastructures and Mobile Devices

Micro-segmentation allows NSX Data Center to give each desktop its own perimeter defense and per-App VPN access from mobile devices, eliminating unauthorized access between adjacent workloads.

Create DMZs Anywhere

NSX Data Center enables security and advanced services to be dynamically assigned to workloads independent of the underlying physical network. This dramatically improves time to response, overall security posture, and third-party integration.

Test-Drive Micro-segmentation

Try the NSX Data Center Micro-segmentation Hands-on Lab, no installation required.

See Lab Details 




Armor Shields its Customers from Cyber Threats

NSX Data Center provided a virtualized network environment to underpin Armor’s security-as-a-service solution and to fortify its managed cloud.


“NSX and VMware give us that ability to orchestrate our customers in a cloud-like environment, but give them the security wrapper that allows them from day one to be born secure.”

— Jeff Schilling, Chief Security Officer, Armor