Overview

Mware’s NSX Distributed Firewall is a software-defined Layer 7 firewall purpose-built to secure multi-cloud traffic across workloads. Unlike traditional firewalls that require network redesign and traffic hair-pinning, the NSX Distributed Firewall distributes the firewalling and advanced security services (IDS/IPS, network sandboxing , and NTA/NDR) to each host, which radically simplifies the security architecture. It uses a software-based approach to deliver security that’s built into the hypervisor for each workload. With complete visibility into applications and flows, NSX Distributed Firewall delivers superior security with policy automation that’s linked to the workload lifecycle. This allows security teams to easily segment the network, micro-segment application workloads, stop the lateral movement of attacks, and automate policy in a vastly simpler operational model. Data center operators can now achieve levels of agility, security and economics that were previously unreachable.

NSX Distributed Firewall is not only distributed, but service-aware and operationally simple—making Zero Trust security attainable and efficient for applications in data centers, and private and public cloud environments. Whether the goal is to lock down critical applications, create a logical demilitarized zone in software or reduce the attack surface of a virtual desktop environment, NSX Distributed Firewall enables micro-segmentation to define and enforce network security policy at the individual workload level.

NSX Distributed Firewall is used by enterprises for a variety of purposes including network segmentation, achieving zero trust in the cloud, virtual patching for workloads, and the ability to stop lateral movement of threats. Every type of enterprise can benefit from having a firewall for east-west traffic like this one.