VMware NSX Advanced Load Balancer and WAF

Additional Info

CompanyVMware
Websitehttps://avinetworks.com/web-application-security
Company size (employees)10,000 or more

Overview

The NSX Advanced Load Balancer WAF is a software-only web application security solution that provides scalable web app security, threat detection, and application protection with point-and-click simplicity, visibility and security intelligence, and high performance. The multi-cloud platform overcomes the challenges of traditional WAF appliances using a software-defined architecture that is centrally managed and delivers elastic web application protection, machine learning driven security, and the ability to scale on demand based on real time traffic conditions. NSX Advanced Load Balancer WAF is agnostic to the underlying infrastructure and delivers consistent security, visibility and performance in any data center or cloud. It offers convenience to administrators to turn on WAF capabilities on a per-application basis enabling enterprises to deploy high performance protection and reduce risk. Administrators can use learning mode and a detection-only setting to understand and configure the security posture of the application before turning on enforcement. NSX Advanced Load Balancer WAF also delivers powerful security visibility down to the level of individual connections that shows which security policies were matched, threats that were mitigated, and end-user intelligence that shows where a threat originated. Point-and-click configurations help administrators fine tune policies and reduce false positives. The platform comes with several security capabilities including advanced rate limiting, DDoS mitigation, HTTP Strict Transport Security (HSTS), and Perfect Forward Secrecy (PFS), URL and port based allow- and deny-lists among others.

How we are different

Consistent multi-cloud security: NSX Advanced Load Balancer WAF secures web applications that run in any data center or cloud. The platform is agnostic to the underlying environment and secure web applications with central orchestration across multi-cloud deployments. Administrators have a single pane of glass to manage their entire fleet of load balancers and web application firewalls that can be deployed on a granular per-application basis.


Powerful visibility and analytics: NSX Advanced Load Balancer WAF makes it possible for administrators to understand the security posture and performance of the application at any given time with a remarkable array of data points that are visualized on the console. For example, administrators can determine the specific connections that were blocked in the last hour, day, week, month (or more) due to a specific security policy that was matched, or the IP address and location where a particular denial of service attack, or web application attack originated. The unique analytics-driven security approach also feeds the machine learning capabilities in the platform that enables the solution to learn acceptable behaviors for an application and flag anomalies.


Scale and performance for modern applications: A vast number of web applications in the market remain under-secured due to concerns from administrators of impacting performance and end-user experience. This is because traditional WAF solutions are CPU intensive and inelastic and dramatically impact the performance of applications. NSX Advanced Load Balancer WAF is built on a scale out architecture that is deployed on general purpose compute infrastructure such as x86 servers, virtual machines or containers and has the ability to scale dynamically based on observed traffic patterns.