VMware Contexa: Cloud-Delivered Threat Intelligence
VMware Contexa™ sees what others don’t—from the user, the device, the network, the runtime to the data—powering VMware Security to stop threats others can’t.
The Strongest Defense for Your Multi-Cloud Traffic

No Blind Spots
Get complete network security coverage across all traffic flows and workload types with the Industry's only layer-7 distributed firewall and a software-only gateway firewall.

Operational Simplicity
Simplify security operations with software-only firewalls that present an API-driven object-based policy model. Automate policy creation and deployment.

Consistent Security
Achieve consistent firewall policies across all cloud environments and workload types. Regardless of where your workload lives or moves, your workloads will maintain their security policies.

Zero Trust with Better Security
Operationalize Zero Trust architecture in your infrastructure across multi-cloud with a modern software-based approach that’s easy to operationalize and scale.
NSX Firewall Network Security Products
NSX Distributed Firewall
Layer 7 internal firewall to secure east-west traffic, north-south traffic, and cloud-to-cloud connectivity
Network Traffic Analysis
Detect anomalous activity and malicious behavior as it moves laterally across your network
NSX Distributed IDS/IPS
Signature and behavior-based detection of ransomware and other threats at every hop
NSX Gateway Firewall
A Layer 7 firewall designed to protect physical servers and zone/cloud edge
NSX Sandbox
Complete malware analysis
NSX Network Detection & Response
AI-powered correlation of events across multiple detection engines
Accelerate Enterprise Cloud Transformation
The inherent security on the NSX platform allows our developers and security experts to work together from the get-go, weaving cybersecurity into the very DNA of the network.
NSX has simplified the ability for us to segment those servers off into their own environment ... without having to make vast hardware purchases and additional firewalls and technologies.
We test NDR products privately and regularly, and have not awarded any other products a AAA rating.
Use Cases

Simplify Network Segmentation
Gain visibility on traffic and easily create network segmentation or virtual security zones with no changes to your network by defining them entirely in software. No need to deploy discrete appliances and hairpin traffic.

Micro-segmentation for Zero Trust
Get auto-generated policy recommendations based on an intrinsic understanding of application topology. Easily create, enforce, and manage granular micro-segmentation policies and leverage an object-based policy model for automation.

Granular Virtual Patching
Take advantage of IDS/IPS at every host to monitor your traffic flows, identify malicious traffic on a per-hop basis, and then apply virtual patching to ensure unpatched servers inside the data center cannot be exploited.

Advanced Threat Prevention
Leverage multiple detection engines - IDS/IPS, network traffic analysis, and network sandboxing - to block advanced threats from moving laterally, even across encrypted traffic. Get network detection and response that correlates events across all detection engines to identify intrusions.
Related Resources
Industry’s First NDR Test
Workloads on the VMware multi-cloud platform are the only ones protected against APTs by the NSX NDR solution that is AAA certified by SE Labs.
Secure Workload Access
Learn how VMware can help cloud and application security leaders, enterprise IT leaders, and security teams use Zero Trust principles to protect workloads running in private and public environments as part of a Zero Trust strategy.
A Practical Path to Zero Trust
Learn why organizations are leaning into zero trust security and why traditional firewalls fall short.