Elevate Risk Management and Compliance

           

Meet PCI and HIPPA Compliance with VMware Solutions

Video Play Icon
(12:41)

Meet PCI and HIPAA Compliance Regulations

See how VMware can help you achieve your privacy and security goals.

Focus on your application experience, rather than worrying about the security of your infrastructure and data. By architecting security controls directly into the hypervisor, VMware enables you to operate with consistent security across data center, cloud, and edge. You’ll better manage security risk and compliance, and you’ll be protecting applications and data wherever they live.

ESG’s Perspective on How to Reduce Compliance Risk

Reduce HIPAA & PCI Compliance Risk with VMware NSX

Change the way you secure the applications in your environment by enabling a zero-trust security model via micro-segmentation. Then go further: reduce the scope of compliance by isolating the systems that store, process or transmit sensitive data. VMware NSX enables a fundamentally more secure environment and helps to ensure and demonstrate compliance with many regulations, including PCI DSS, HIPAA, GDPR, FedRAMP, SOC, CJIS, DISA, STIG, and more.

Get ESG’s Perspective

Mitigate Risk, Drive Compliance

Achieve a Zero-Trust Security Posture

Deliver zero-trust security across data centers and clouds by leveraging micro-segmentation to enable granular protection at the VM level.

Solve for Risk Fragmentation

Simplify security with security controls architected directly into the hypervisor.

Drive Visibility and Context

Gain visibility across application infrastructure and data center endpoints, enabling validation of configuration and real-time state against regulatory controls.

Reduce Compliance Scope

Lower the scope of compliance and cut down overall audit durations by isolating the systems that store, process, or transmit sensitive data.

Spotlight on Risk & Compliance Management

VMware NSX Security Configuration Guide

Learn how to deploy and operate VMware NSX in a secure manner.

Download Configuration Guide

VMware Compliance and Cyber Risk Solutions

Deliver security and compliance in highly regulated environments.

Learn More

VMware NSX Micro-segmentation Day 1 Guide

Implement NSX for added security and visibility via micro-segmentation.

Download Guide

We’re Powering Our Customers’ Success 

City of North Las Vegas Delivers Security and Compliance

Video Play Icon
(3:03)

City of North Las Vegas Delivers Security and Compliance

To better enable and protect its agencies, the city relies on virtualized infrastructure from VMware for all its services.

West Bend Mutual Insurance Reduces Risk with NSX

Video Play Icon
(2:16)

West Bend Mutual Insurance Reduces Risk with NSX

West Bend Mutual leverages VMware NSX for preventative controls to secure sensitive data and mitigate risk.

VMware Delivers Compliance for Key Regulations

FIPS

NSX Data Center can be configured to operate in FIPS compliant mode with FIPS 140-2 validated cryptographic modules. A FIPS compliance report helps configure and operate NSX deployments securely while adhering to prescribed FIPS standards. See NSX-T Data Center Compliance-Based Configuration for the list of cryptographic modules used in NSX-T Data Center that are validated for FIPS 140-2.

ICSA

This is an industry-wide accepted standard certification which tests and certifies products including anti-virus, firewall, IPSec VPN, cryptography, SSL VPN, network IPS, anti-spyware, and PC firewall products. Both NSX Data Center for vSphere Distributed Firewall and Edge Firewall are certified against ICSA Corporate Firewall criteria.

Common Criteria

NSX Data Center for vSphere 6.3.0 has been tested for compliance with the EAL2+ level of assurance. Running a Common Criteria-compliant NSX Data Center installation requires that you configure NSX Data Center as explained in the document Configuring NSX for Common Criteria as part of the NSX Data Center Administration Guide.

PCI Compliance

Other standards such as NIST 800-53, IRS 1075, and MARS-E are mostly related to processes, procedures, or policies with Access Control/RBAC and Auditing being the applicable sections to NSX Data Center. For specific product details, refer to: VMware Product Applicability for PCI DSS.

GDPR Compliance  

As of May 25, 2018, the General Data Protection Regulation (GDPR) is enforceable in the European Union. VMware’s portfolio of technology and services can help customers implement solutions for data protection use cases, which in turn may form part of an organization’s efforts to comply with the GDPR.

IT Management and the GDPR: The VMware Perspective

Find out where the VMware portfolio can help you implement solutions for data protection use cases in the context of the GDPR.

Download Solution Overview

GDPR and Addressing Data Security Gaps with VMware

Advance your GDPR readiness by reviewing your handling of personal data and your enforcement of processes to protect that data.

Read the Blog

Expand Your Virtual Cloud Capabilities

Transform Your Business

Learn about a new approach to building and operating a single virtual cloud network for all your apps and data, wherever they run.

More on Networking & Security Transformation 

Deliver Intrinsic Security

Leverage adaptive, intelligent protection and deep visibility to secure apps and workloads in your data centers, clouds, and endpoints.

More on Enterprise Security Solutions 

Build on a Foundation of NSX

Connect and protect applications across your data centers and clouds with virtualized networking and security via VMware NSX.

More on NSX 

Leverage Global Visibility

Enhance your management of network traffic and security protections with 360 degree visibility across all your environments.

More on vRealize Network Insight