Elevate Risk Management and Compliance

Reduce HIPAA & PCI Compliance Risk with VMware NSX
Change the way you secure the applications in your environment by enabling a zero-trust security model via micro-segmentation. Then go further: reduce the scope of compliance by isolating the systems that store, process or transmit sensitive data. VMware NSX enables a fundamentally more secure environment and helps to ensure and demonstrate compliance with many regulations, including PCI DSS, HIPAA, GDPR, FedRAMP, SOC, CJIS, DISA, STIG, and more.
Mitigate Risk, Drive Compliance
Achieve a Zero-Trust Security Posture
Deliver zero-trust security across data centers and clouds by leveraging micro-segmentation to enable granular protection at the VM level.
Drive Visibility and Context
Gain visibility across application infrastructure and data center endpoints, enabling validation of configuration and real-time state against regulatory controls.
Solve for Risk Fragmentation
Simplify security with security controls architected directly into the hypervisor.
Reduce Compliance Scope
Lower the scope of compliance and cut down overall audit durations by isolating the systems that store, process, or transmit sensitive data.
Related Risk & Compliance Resources
VMware NSX Security Configuration Guide
Learn how to deploy and operate VMware NSX in a secure manner.
VMware Compliance and Cyber Risk Solutions
Deliver security and compliance in highly regulated environments.
VMware NSX Micro-segmentation Day 1 Guide
Implement NSX for added security and visibility via micro-segmentation.
We’re Powering Our Customers’ Success
VMware Delivers Compliance for Key Regulations
FIPS
NSX Data Center can be configured to operate in FIPS compliant mode with FIPS 140-2 validated cryptographic modules. A FIPS compliance report helps configure and operate NSX deployments securely while adhering to prescribed FIPS standards. See NSX-T Data Center Compliance-Based Configuration for the list of cryptographic modules used in NSX-T Data Center that are validated for FIPS 140-2.
Common Criteria
NSX Data Center for vSphere 6.3.0 has been tested for compliance with the EAL2+ level of assurance. Running a Common Criteria-compliant NSX Data Center installation requires that you configure NSX Data Center as explained in the document Configuring NSX for Common Criteria as part of the NSX Data Center Administration Guide.
ICSA
This is an industry-wide accepted standard certification which tests and certifies products including anti-virus, firewall, IPSec VPN, cryptography, SSL VPN, network IPS, anti-spyware, and PC firewall products. Both NSX Data Center for vSphere Distributed Firewall and Edge Firewall are certified against ICSA Corporate Firewall criteria.
PCI Compliance
Other standards such as NIST 800-53, IRS 1075, and MARS-E are mostly related to processes, procedures, or policies with Access Control/RBAC and Auditing being the applicable sections to NSX Data Center. For specific product details, refer to: VMware Product Applicability for PCI DSS.
GDPR Compliance
IT Management and the GDPR: The VMware Perspective
Find out where the VMware portfolio can help you implement solutions for data protection use cases in the context of the GDPR.
GDPR and Addressing Data Security Gaps with VMware
Advance your GDPR readiness by reviewing your handling of personal data and your enforcement of processes to protect that data.
Expand Your Virtual Cloud Capabilities
Transform Your Business
Learn about a new approach to building and operating a single virtual cloud network for all your apps and data, wherever they run.
Deliver Intrinsic Security
Leverage adaptive, intelligent protection and deep visibility to secure apps and workloads in your data centers, clouds, and endpoints.
Build on a Foundation of NSX
Connect and protect applications across your data centers and clouds with virtualized networking and security via VMware NSX.
Leverage Global Visibility
Enhance your management of network traffic and security protections with 360 degree visibility across all your environments.
Dive Deeper into VMware Risk & Compliance
Security Validations
- VMware NSX DMZ Anywhere Cybersecurity Benchmark
- NSX Micro-segmentation Cybersecurity Benchmark
- Addressing PCI DSS with VMware NSX-T
- Rackspace Meets New PCI-DSS Compliances with NSX
- Coalfire Micro-segmentation Benchmark Report Validates VMware NSX Capabilities Enable a Zero-Trust Model
- STIG Validates NSX to Meet the Security Hardening Guidance Required for Installment on DoD Networks