What is the difference between the Gateway Firewall and the Distributed Firewall?
Protect all Workloads with Consistent Network Security
Complement your NSX Distributed Firewall deployment with a zone firewall that enables unified security across physical and virtual workloads in private and public clouds. Leverage a cost-effective Layer-7 firewall delivered entirely in software that includes TLS decryption and advanced threat prevention capabilities such as network sandboxing.
Consistent Security Coverage
Enjoy consistent network security coverage across your NSX environment with a Layer-7 gateway firewall that includes IDS/IPS, network sandboxing and URL filtering.
Unified Management
Manage NSX Gateway Firewall together with NSX Distributed Firewall for all your public and private cloud firewall needs.
Lower Cost
No specialized hardware and simple operations translate to CAPEX and OPEX savings.
Use Cases
Protect Physical Workloads
Provide Layer-7 firewalling for physical workloads without needing access to the operating system.
Secure Private Cloud Zones
Add to your private cloud protections by filtering all traffic at the boundary of designated security zones.
Patrol the Public Cloud Edge
Inspect north-south traffic at the perimeter of your public cloud environment.
Related Products
Expand your data center security capabilities with detection and response, threat prevention and more.
NSX Distributed Firewall
Layer 7 internal firewall
NSX Network Detection and Response
AI-powered correlation of events across multiple detection engines
NSX Distributed IDS/IPS
Signature and behavior based detection of ransomware and other threats at every hop
NSX Intelligence
Distributed analytics engine for topology visualization & policy recommendations
Frequently Asked Questions
Both the Gateway and Distributed Firewall are part of the NSX product family and have similar components. However, the Distributed Firewall is designed to handle east-west network traffic (internal traffic). The Gateway Firewall complements the Distributed Firewall to protect east-west traffic in specialized cases such as securing physical workloads. The Gateway Firewall can also function as a private cloud zone firewall or a public cloud edge firewall (for north-south traffic).
Why VMware Gateway Firewall?
Experience a Layer 7 firewall delivered entirely in software that secures your physical workloads and private and public cloud resources.