VMware NSX Service-defined Firewall
Protect Your Distributed Data Center with a Purpose-Built Internal Firewall
Rely on a distributed, scale-out internal firewall, built on NSX, to secure east-west traffic across multi-cloud environments. Gain superior protection against lateral movement of malware with stateful layer 7 security controls with advanced threat detection. VMware’s unique, intrinsic approach to security simplifies deployments and streamlines firewalling of every workload — at a fraction of the cost.
Enable Intrinsic Security with the NSX Service-defined Firewall
Watch the overview video on how the NSX Service-defined Firewall enables intrinsic security for today’s distributed data centers and applications.
Watch Now
Securing East-West Traffic for the Modern Data Center
See why traditional firewall architectures are failing to protect east-west network traffic — and how internal firewalls can solve the problem.
Download White PaperVMworld 2020
Build a Future Ready Network
Join us November 16 to learn how to modernize your network for better application performance, anywhere.
Eliminate the Trade-off Between Security and Simplicity
Mitigate Security Risk
Gain superior ability to prevent lateral movement of malware inside the data center with the only stateful Layer 7 firewall built into your infrastructure. Operating from a unique position within the hypervisor, NSX Service-defined Firewall enjoys unmatched visibility into the network and unrivaled workload context to provide better threat protection while remaining isolated from the attack surface.
Accelerate Security Operations
Enable security to move at the speed of development to deliver a true public cloud experience on-premises, decoupled from physical infrastructure constraints. Deliver “security as code” with an API driven, object-based policy model which ensures new workloads automatically inherit relevant security policies and automates policy mobility with workloads.
Ensure Compliance
Eliminate the visibility and security blind-spots that result from misaligned controls across disparate solutions, and the selective traffic inspection that comes with appliance-based architectures. Demonstrate compliance by easily creating virtual security zones and complete Layer 7 security coverage for your sensitive applications and data.
Simplify Security Architecture
Replace multiple application-based solutions with L2-L7 virtual controls built into the NSX platform, thus reducing CapEx by up to 60%. Radically simplify network deployment and operations by eliminating the need for changes to the physical network, complex traffic hair-pinning architectures, or agent management overhead.
How is VMware Internal Firewall Different?
Distributed architecture
Elastic throughput
Built-in security
Superior workload context
What Are the Key Use Cases for the NSX Service-defined Firewall?
Rapidly Deploy Network Segments
Quickly create and reconfigure network segments, virtual security zones, and partner domains by defining them entirely in software. Avoid the need to re-architect your network or deploy discrete appliances.
More on Network SegmentationMeet Compliance Requirements
Address regulatory requirements (such as PCI-DSS, HIPAA, etc.) for compliance zones by inspecting all east-west traffic for threats with a fully distributed IDS/IPS delivered in software.
More on IDS/IPSPrevent Lateral Movement of Attacks
Leverage stateful Layer 7 firewalling including AppID and UserID-based policies, and advanced threat protection at each workload to protect against ransomware and other attacks that propagate laterally within data centers.
Read the BlogAchieve Zero Trust with Micro-segmentation
Easily create, enforce, and automatically manage granular micro-segmentation policies between applications, services, and workloads across multi-cloud environments spanning VMs, containers, and bare metal infrastructure.
More on Distributed AnalyticsSpotlight on Internal Firewall
VMware acquires Lastline
VMware Acquires Lastline
Tom Gillis, SVP/GM Networking and Security, discusses advances to the NSX security stack with acquisition of Lastline.
Security Done Differently and Done Better
Tom Gillis, SVP/GM Networking and Security, discusses reimagining firewalls and IDS/IPS with an intrinsic security approach.
Read the BlogKnock, Knock: Is this Security Thing Working?
SANS discusses challenges with today’s data center security and the need for an intrinsic approach.
Download White PaperSecure Virtual Desktops with NSX Service-Defined Firewall
Deliver comprehensive security for VDI environments by isolating desktops and segmenting VDI infrastructure with just a few policies.
Read Secure VDI Solution OverviewPowering Customer Success with the NSX Service-defined Firewall
Securely Drive Productivity and Flexibility
Preferred Mutual maximizes remote employee and IT staff productivity while ensuring the security of company data with NSX, Workspace One, and Horizon.
Provide a Reliable Learning Platform
Region 11 supports students and teachers with a more secure, integrated, and reliable technology platform via VMware solutions that include NSX and Horizon.
Meet Government Security Regulations
Cenitex delivers the rock-solid security that governments require with a fully-integrated range of VMware solutions across data centers and digital workspaces.
Elevate and Consolidate Security
USSFCU went from planning to deployment in just weeks, replacing multiple legacy security tools with NSX for networking and micro-segmentation as part of their zero trust initiative.
Expand Your Virtual Cloud Capabilities
Leverage the NSX Distributed IDS/IPS
Replace discrete appliances with a distributed software IDS/IPS solution to detect lateral threat movement on east-west traffic & easily achieve compliance.
More on NSX Distributed IDS/IPSGet Recommended Security Policies
Simplify operationalizing micro-segmentation with rich application topology visualization and automated policy recommendations.
More on NSX IntelligenceBuild on a Foundation of NSX
Connect and protect applications across your data centers and clouds with virtualized networking and security via VMware NSX.
More on NSXDeliver Intrinsic Security
Leverage your infrastructure to provide deep visibility and security for your network and workloads across data center, cloud, WAN, and endpoints.
More on Intrinsic SecurityDive Deeper into the VMware NSX Service-defined Firewall
Learn & Evaluate
- Forrester White Paper: To Enable Zero Trust, Rethink Your Firewall Strategy
- SANS White Paper: Knock, Knock: Is this Security Thing Working?
- 5 Reasons Why Internal Firewalls & Perimeter Firewalls are Different
- Intro to the NSX Service-defined Firewall and Its Precursors
- Internal Firewall: The Best Way to Protect East-West Traffic White Paper
- VMware NSX Service-defined Firewall Solution Overview
- Four Barriers to Micro-segmentation White Paper
- NSX Service-defined Firewall to Secure Virtual Desktops Solution Overview
- VMware’s Intrinsic Security Vision Blog Post
- Advanced Security for VMware Cloud Foundation Blog Post
- Professional Services for Virtual Cloud Network Datasheet