We test NDR products privately and regularly, and have not awarded any other products a AAA rating.
Enable SOC teams to quickly triage advanced threat campaigns by automatically correlating and mapping threat activities to MITRE ATT&CK with relevant authoritative context.
NSX NDR uses a combination of technologies including NTA, IDPS, Artifact Analysis, and both unsupervised machine and supervised machine learning to distinguish between malicious and benign activity.
NSX Distributed Firewall enables a completely tapless NDR architecture that eliminates network changes and complex traffic hairpinning architectures by distributing network sensor within the hypervisor.
Facilitate response actions across your security ecosystem for unified access control, threat forensics workflows, and automated response actions that block malicious traffic and quarantines compromised workloads.
Detect and prevent threats entering or moving laterally within the network, ensuring complete protection — with no blind spots.
Leverage the power of a full system emulation network sandbox that sees every malware interaction to detect ransomware, advanced and evasive threats.
Quickly deploy Network Detection and Response technology in any cloud for consistent threat visibility and detection across public and private clouds.
Utilize a tight integration with NSX Network Security Analytics and Management for single pane of glass across firewall access policies, application and network maps, and MITRE ATT&CK-based threat correlation.
VMware NSX Network Detection and Response™ NSX Network Detection and Response (NDR) is an AI-based threat correlation and forensics engine delivered both standalone and integrated tightly within NSX Firewall. It helps network security and SOC teams efficiently detect malicious activity and block lateral movement of sophisticated threats.
See the NSX Network Detection and Response Solution Overview for a table of recommended hardware specifications.
NSX Network Detection and Response ensures complete coverage of all network traffic without blind spots by ingesting a broad set of threat signals from distributed network sensors spanning an IDS/IPS, NTA and network sandbox. It automatically correlates these and third-party threat intelligence feeds into threat campaigns ordered as timelines mapped to MITRE ATT&CK for higher accuracy detection of malicious activity.
Use cases for NSX Network Detection and Response include:
Key features of NSX Network Detection and Response include: