Hybrid Cloud Networking & Security Across Private and Native Public Clouds
VMware NSX Cloud provides single-pane-of-glass visibility, rich networking capabilities, consistent security policy, granular and operationally scalable micro-segmentation across the hybrid cloud network. NSX Cloud currently supports Microsoft Azure and Amazon AWS public clouds.
NSX Cloud Overview
NSX Cloud Overview
Learn how NSX Cloud delivers enterprise-class capabilities and operational efficiencies to applications running natively in public clouds.
The Premier Networking Event
The Premier Networking Event
Join your peers and industry experts at FUTURE:NET 2019 as we set the new coordinates.
BENEFITS
Deployment Flexibility
NSX Cloud can be deployed in two different modes based on preference. Manage security posture and networking of public cloud workloads using NSX constructs(Agented) or native public cloud constructs (Agentless).
Consistent Security Across Clouds
Define a security policy once and apply to workloads anywhere – across virtual networks, regions, availability zones, and multiple private data centers and public clouds.
Precise Control Over Cloud Networking
Control cloud networking topologies, traffic flows, IP addressing, and protocols used within and across multiple public clouds.
End-to-End Operational Control and Visibility
NSX Cloud provides standard interfaces and APIs to plug into your existing operations tools to enable deep, end-to-end visibility for monitoring, troubleshooting and auditing across data centers and clouds.
Single Pane of Glass Visibility
NSX Cloud provides a complete inventory view across all accounts, regions, subscriptions, VPCs, and VNets and operational status of every VM to enable quicker troubleshooting.
FEATURES
NSX Enforced Mode (Agented)
Consistent security and networking policy enforcement across on-premises and native public cloud workloads using NSX tools.
Cloud Enforced Mode (Agentless)
Consistent security and networking policy enforcement across on-premises and native public cloud workloads using public cloud provider’s security and networking constructs.
Discovery and Protection of Native Public Cloud Service Endpoints
In addition to VMs and EC2 instances, NSX Cloud enables discovery and protection of native public cloud service endpoints
Multi-Cloud, Multi-Site Networking and Security
NSX Cloud brings networking and security capabilities to endpoints across multiple clouds. By integrating with NSX Data Center, it enables networking and security management across clouds and data center sites.
Micro-Segmentation
NSX Cloud provides granular control over East-West traffic between application workloads running natively in public clouds and on-premises Data Center. NSX Cloud also enables micro-segmentation of virtual desktops that are deployed by VMware Horizon Cloud.
Rich Abstraction for Security Policy Definition
Security groups and rules can be defined based on rich policy constructs, such as instance name, OS type, AMI ID, and user-defined tags.
Security Groups
Security groups and rules can be defined based on rich policy constructs, such as instance name, OS type, AMI ID, and user-defined tags.
Multiple Layers of Security – Quarantine Instances
With the default quarantine feature turned on, rogue and compromised workloads will be moved to the public cloud’s quarantine group, thus preventing it from communicating with the rest of the network and thereby providing multiple layers of security.
Dynamic Policy
Security policy is automatically applied and enforced based on instance attributes and user-defined tags. Policies automatically follow instances when they are moved within and across clouds.
Multiple Layers of Security – Quarantine Instances
With the default quarantine feature turned on, rogue and compromised workloads will be moved to the public cloud’s quarantine group, thus preventing it from communicating with the rest of the network.
Service Insertion
Selectively route North-South traffic using policy-based routing to third-party NGFW partner appliance.
Site-to-Site VPN
Built-in VPN support to encrypt traffic between on-premises and public cloud.
Distributed Architecture
A distributed firewalling architecture eliminates additional network hops and traffic because policies are enforced at the virtual network interface of each instance, rather than routed through an external firewall.
Shared Gateway in Transit VPC/VNet
Gateway consolidation in transit VPCs / VNets results in simpler administration, faster onboarding of compute VPCs/VNets, and enables selective routing of traffic for service insertion via third-party appliances.
Edge Firewalling
Stateful firewalling filters North-South traffic flowing between instances in virtual networks and the public Internet.
RESTful API
RESTful API and automation tools help to programmatically provision and configure networking and security infrastructure on-demand.
Templating
Use existing automation and orchestration tools to create standardized application templates, and simplify provisioning and management of networking and security services across public clouds.
Traffic Visibility with any SIEM tool
Use any existing Day 2 operations tool to gain real-time visibility into traffic flows and firewall logs within and across virtual private clouds.
News and Highlights
Single Security Policy for Hybrid Cloud Deployments Demo
Single Security Policy for Hybrid Cloud Deployments Demo
NSX Cloud can help extend your security policies from on-prem to AWS and Azure
NSX Cloud Now in AWS Solution Space
The VMware networking and security solution for AWS-native applications and hybrid cloud
NSX Cloud for EC2 on AWS Outposts
The latest step forward in the march of the hybrid cloud.