Unlock the value of any cloud and accelerate the delivery of modern applications with VMware Cloud.
Accelerate modern app operations with network and security virtualization for WAN, data center and cloud.
Enable any employee to work anywhere, anytime with seamless employee experiences.
Secure your infrastructure across any app, any cloud and any device.
Explore tailored solutions for your application framework, cloud infrastructure and security architecture.
Build, run, manage, connect and protect all of your apps, anywhere with a digital foundation built on VMware.
Enable your security team to respond more effectively to threats across your data centers with Distributed IDS/IPS.
NSX Service-defined Firewall with Advanced Threat Prevention includes a comprehensive set of detection and prevention capabilities, including Distributed IDS/IPS. Leverage its unique architecture and precise app context to replace discrete appliances and gain operational simplicity.
Achieve more zero-false-positive workloads with curated rulesets and higher-fidelity signature matches based on precise application context.
Scale inspection capacity automatically and eliminate hardware bottlenecks with IDS/IPS functionality built-in to each workload.
Reduce network congestion and simplify network design by eliminating the need to hair-pin traffic to centralized appliances.
Re-use existing stranded compute capacity and eliminate the need for dedicated appliances.
Leverage native IDS/IPS capabilities within NSX to replace traditional IDS/IPS appliances, including standalone, firewall-based or virtual host-based.
Enable wide-spread use of virtual patching for all workloads in the data center.
Create and customize multiple virtual security zones for internal teams and partners without requiring physical separation of network.
Simply turn on traffic inspection through a software-driven deployment model without needing to buy expensive appliances.
Identify Threats
Patching
Zones
Compliance
IDS/IPS in the data center operate under different constraints than traditional IDS/IPS. Watch the lightboard video to understand why.
See why enterprises are rethinking their firewall strategy and focusing more on securing east-west network traffic to enable zero trust.
Learn why enterprises continue to get breached, despite significant spending on security, and how to get started with intrinsic security in your network, using data that you already have.
Layer 7 internal firewall
Network traffic analysis and intrusion prevention for NSX Service-Defined Firewall
Complete malware analysis
AI-powered network detection and response (NDR)
NSX Distributed IDS/IPS is an application-aware intrusion detection system/intrusion prevention system (IDS/IPS) purpose-built for analyzing east-west traffic and detecting lateral threat movements.
NSX Distributed IDS/IPS uses an all-software distributed approach by moving traffic inspection out to every workload. It eliminates the need to hair-pin traffic to discrete appliances, ensuring comprehensive coverage without any blind spots.
Key capabilities of NSX Distributed IDS/IPS include:
For full capabilities, see the solution overview.
Use cases for NSX Distributed IDS/IPS include:
The benefits of NSX Distributed IDS/IPS include:
