VMware Service-defined Firewall
An Internal Firewall that Shrinks your Attack Surface
Rely on the only purpose-built internal firewall to simultaneously secure east-west network traffic and protect workloads across multi-cloud environments. Virtualize your entire security stack and gain protection that's intrinsic to your infrastructure — so you can mitigate risk, ensure compliance, and lower costs while vastly simplifying the operational model of firewalling every workload.
See VMware Service-defined Firewall in Action
See It in Action
Check out a demo of our Service-defined Firewall stopping an attack.
Dig Into the Service-defined Firewall and Its Precursors
Dig Into the Service-defined Firewall and Its Precursors
Read the Coalfire benchmark report on how the Service-defined Firewall held up against simulated attacks within the network.
Step Up to a Layer 7 Internal Firewall
Mitigate Security Risk
Leverage the only solution built into the infrastructure that detects and mitigates threats on east-west traffic within the perimeter by orchestrating granular security controls based on both network and application context.
Ensure Compliance
Forget inconsistent policies between discrete solutions and unseen gaps in security coverage. Leverage a single management pane to combine visibility, policy control, and logging for all security services, without compromise.
Simplify Security Operations
Replace multiple discrete security appliances with native controls to reduce CapEx by up to 60%. Then lower OpEx by providing a true 1-click deployment experience and radically simplified operations for security teams.
Understand and baseline application behavior
Dynamic, object-based policy model
Comprehensive threat detection and intelligence
Distributed architecture to enforce policy
What Are the Key Use Cases for the Service-defined Firewall?
Go Beyond Micro-segmentation to Full Internal Firewalling
Effortlessly create, enforce, and automatically adapt macro and micro-segmentation policies between environments, compliance zones, applications, or even workloads. Leverage stateful Layer 7 firewall controls including AppID, UserID, WAF, URL whitelisting.
More on Micro-segmentation >>
Deliver Workload Visibility & Policy Recommendations
Get 360 degree visibility into every workload, including roles, meta-data, process, and network activity. Visualize application topologies, with service groupings and flows between apps, and automatically recommend segmentation policies for enforcement.
More on Workload Visibility >>
Achieve Compliance with Distributed IDS/IPS
Replace discrete appliances with a fully distributed software IDS/IPS solution to easily achieve compliance, create virtual zones and detect lateral threat movement on east-west (E-W) traffic.
More on IDS/IPS >>
Extend Granular Workload Protection
Continuously check the hypervisor, OS, and software for known vulnerabilities and deliver effective app control and reputation scoring for running processes. Protect critical assets such as domain controllers, shared services, and essential apps running inside of micro-segments by locking down known good behavior.
More on Workload Protection >>
Expand Your Virtual Cloud Capabilities
Deliver Intrinsic Security
Leverage adaptive, intelligent protection and deep visibility to secure apps and workloads in your data centers, clouds, and endpoints.
More on Enterprise Security SolutionsBuild on a Foundation of NSX
Connect and protect applications across your data centers and clouds with virtualized networking and security via VMware NSX.
More on NSXAdvanced Threat Detection with IDS/IPS
Replace discrete appliances with a distributed software IDS/IPS solution to detect lateral threat movement on E-W traffic & easily achieve compliance.
More on NSX Distributed IDS/IPSGet App-Centric Workload Protection
Gain insight and protection for your apps. VMware AppDefense learns an app’s intended behavior, and alerts you to any anomalies.
More on AppDefense