Gain East-West Protection Without Complexity
Enable your security team to respond more effectively to threats across your data centers with VMware’s Distributed IDS/IPS solution.NSX Distributed Firewall includes a comprehensive set of detection and prevention capabilities, including Distributed IDS/IPS. Leverage its unique architecture and precise app context to replace discrete appliances and gain operational simplicity.
Reduce False Positives
Achieve more zero-false-positive workloads with curated rulesets and higher-fidelity signature matches based on precise application context.
Gain Elastic Throughput
Scale inspection capacity automatically and eliminate hardware bottlenecks via IDS/IPS functionality built-in to each workload.
Simplify Your Network Architecture
Reduce network congestion and simplify network design by eliminating the need to hair-pin traffic to centralized appliances.
Virtually Patch Vulnerabilities
Utilize IDS/IPS to enable wide-spread use of virtual patching for all workloads in the data center.
Virtualize Security Zones
Create and customize multiple virtual security zones for internal teams and partners without requiring physical separation of the network.
Easily Achieve Regulatory Compliance
Simply turn on traffic inspection through a software-driven deployment model — without needing to buy expensive appliances.
Frequently Asked Questions
NSX Distributed IDS/IPS is an application-aware intrusion detection system/intrusion prevention system (IDS/IPS) purpose-built for analyzing east-west traffic and detecting lateral threat movements.
NSX Distributed IDS/IPS uses an all-software distributed approach that moves traffic inspection out to every workload. It eliminates the need to hair-pin traffic to discrete appliances, ensuring comprehensive coverage without any blind spots.
Key capabilities of NSX Distributed IDS/IPS include:
- Distributed analysis
- Curated, context-based signature distribution
- Application context-driven threat detection
- Policy and state mobility
- Automated policy lifecycle management
For full capabilities, see the solution overview.
Use cases for NSX Distributed IDS/IPS include:
- Easily achieving regulatory compliance
- Virtualizing security zones
- Replacing discrete appliances
- Virtually patch vulnerabilities
The benefits of NSX Distributed IDS/IPS include:
- Reduction in false positives
- Simplified network architecture
- Elastic throughput
- Improvement in capacity utilization