VMware Service-defined Firewall
Harness Intrinsic Security for a Better Internal Firewall
Rely on a distributed, L2-L7 firewall to secure east-west traffic via streamlined, intrinsic application protection. Leverage deep visibility into workload behavior and stateful protection as you mitigate risk, ensure compliance, and lower costs while vastly simplifying the operational model of firewalling every workload.
Understand Why Enterprises Are Securing East-West Network Traffic
Understand Why Enterprises Are Securing East-West Network Traffic
Read the Forrester thought leadership paper on enabling zero trust with a new firewall strategy.
See How the Service-defined Firewall Did in Testing
See How the Service-defined Firewall Did in Testing
Review a micro-audit of the Service-defined Firewall versus simulated attacks.
Step Up to a Layer 7 Internal Firewall
Mitigate Security Risk
Leverage the only solution built into the infrastructure that detects and mitigates threats on east-west traffic within the perimeter. From its unique position within the hypervisor, Service-defined Firewall brings unmatched visibility into both network traffic and app behavior to provide better protection against threats.
Drive Automation and Consistency
Eliminate the security blind-spots that result from numerous discrete solutions and misaligned protection policies. Entirely within the infrastructure fabric, Service-defined Firewall automatically creates, distributes, moves, and decommissions policies according to each workload’s lifecycle.
Simplify Security Operations
Replace multiple security appliances with built-in, L2-L7 distributed firewalling and workload protection controls to reduce CapEx by up to 60%. Then slash OpEx and radically simplify operations by eliminating the need for complex traffic hair-pinning architectures and associated management overhead.
Automated baselining of application behavior
Dynamic, object-based policy model
Comprehensive threat detection and intelligence
Distributed architecture to enforce policy
What Are the Key Use Cases for the Service-defined Firewall?
Go from Micro-segmentation to Full Internal Firewalling
Easily create, enforce, and automatically adapt macro and micro-segmentation policies between environments, compliance zones, applications, or even workloads. Leverage stateful Layer 7 firewall controls including AppID, UserID, WAF and URL whitelisting.
More on Micro-segmentationDeliver Workload Visibility & Policy Automation
Get 360 degree visibility into every workload, including roles, metadata, process, and network activity. Visualize application topologies, automatically recommend segmentation policies for enforcement, and link policy lifecycles to workloads.
More on Workload IntelligenceAchieve Compliance with Distributed IDS/IPS
Replace discrete appliances with a fully distributed software IDS/IPS solution to easily achieve compliance, create virtual zones, and detect lateral threat movement on east-west (E-W) network traffic.
More on IDS/IPSExpand Your Virtual Cloud Capabilities
Deliver Intrinsic Security
Leverage adaptive, intelligent protection and deep visibility to secure apps and workloads in your data centers, clouds, and endpoints.
More on Enterprise Security SolutionsBuild on a Foundation of NSX
Connect and protect applications across your data centers and clouds with virtualized networking and security via VMware NSX.
More on NSXAdvanced Threat Detection with IDS/IPS
Replace discrete appliances with a distributed software IDS/IPS solution to detect lateral threat movement on E-W traffic & easily achieve compliance.
More on NSX Distributed IDS/IPSStreamline Security Operations
Automate security policy recommendations in order to streamline micro-segmentation deployments and enable a more granular security posture.
More on NSX Intelligence