Registration Is Now Live for VMware Explore

Discover the center of the multi-cloud universe August 29 – September 1.

VMware Contexa, the VMware Threat Intelligence Cloud

VMware Contexa™ sees what others don’t, powering VMware Security to stop threats others can’t.

Rapidly Respond to Ransomware and Advanced Threats

Empower your network security and SOC teams with AI-powered threat correlation and forensics that efficiently detects malicious activity and blocks lateral movement of sophisticated threats. NSX Network Detection and Response (NDR) automatically correlates events from tap-less built-in detectors into threat campaigns creating an attack blueprint and timeline across MITRE ATT&CK that provides authoritative context, enabling faster and more efficient threat hunting.

Industry's First NDR Test

Workloads on the VMware multi-cloud platform are the only ones protected against APTs by the NSX NDR solution that is AAA certified by SE Labs.

Protect Your Multi-Cloud Environments

Get the latest threat report and discover the unique characteristics of malware on Linux-based systems and gain guidance on how you can stay ahead of devastating attacks.

Increase SOC Efficiency

Increase SOC Efficiency

Enable network security and SOC teams to quickly triage advanced threat campaigns by automatically correlating and mapping threat activities to MITRE ATT&CK with relevant authoritative context.

Reduce False Positives — and Negatives

Reduce False Positives — and Negatives

NSX NDR uses a combination of technologies including NTA, IDPS, Artifact Analysis, and both unsupervised machine and supervised machine learning to distinguish between malicious and benign activity.

Streamline Deployments

Streamline Deployments

NSX Distributed Firewall enables a completely tapless NDR architecture that eliminates network changes and complex traffic hairpinning architectures by distributing network sensor within the hypervisor.

Simplify Response Actions

Simplify Response Actions

Facilitate response actions across your security ecosystem for unified access control, threat forensics workflows, and automated response actions that block malicious traffic and quarantines compromised workloads.

Related Resources

Advanced Threat Prevention with NSX Distributed Firewall

Advanced Threat Prevention with NSX Distributed Firewall

Deliver effective security by using multiple detection technologies, including network sandboxing, combined with a correlation engine.

Ransomware Demands a Layered Defense

Ransomware Demands a Layered Defense

Fighting ransomware with prevention alone isn’t enough. You need Network Detection and Response to contain successful attacks.

How to Block Lateral Movement

How to Block Lateral Movement

Elevate network security with advanced detection of lateral movements that goes beyond EDR and logs.

Frequently Asked Questions

VMware NSX Network Detection and Response™ NSX Network Detection and Response (NDR) is an AI-based threat correlation and forensics engine delivered both standalone and integrated tightly within NSX Firewall. It helps network security and SOC teams efficiently detect malicious activity and block lateral movement of sophisticated threats.

See the NSX Network Detection and Response Solution Overview for a table of recommended hardware specifications.

NSX Network Detection and Response ensures complete coverage of all network traffic without blind spots by ingesting a broad set of threat signals from distributed network sensors spanning an IDS/IPS, NTA and network sandbox. It automatically correlates these and third-party threat intelligence feeds into threat campaigns ordered as timelines mapped to MITRE ATT&CK for higher accuracy detection of malicious activity.

Use cases for NSX Network Detection and Response include:

  • Ensuring complete protection by detecting and blocking lateral threat movements
  • Stopping advanced malware with a full system emulation network sandbox
  • Deployment of Network Detection and Response in Mulit-Clouds
  • Improve SOC forensics with single pane of glass management

Key features of NSX Network Detection and Response include:

  • Faster SOC triage with automatic MITRE ATT&CK mapping
  • Radically streamlined deployments
  • Broadest Set of Built-in Detectors
  • Distributed Agentless Network Sensors
  • Inspection of Encrypted Traffic and Artifacts

Why VMware for Network Detection and Response?

Workloads on the VMware multi-cloud platform are the only ones protected against APTs by the NSX NDR solution that is AAA certified by SE Labs.