• Gain East-West Protection Without Complexity

    Enable your security team to respond more effectively to threats across your data centers with Distributed IDS/IPS.

    NSX Service-defined Firewall with Advanced Threat Prevention includes a comprehensive set of detection and prevention capabilities, including Distributed IDS/IPS. Leverage its unique architecture and precise app context to replace discrete appliances and gain operational simplicity.

    Reduce False Positives

    Achieve more zero-false-positive workloads with curated rulesets and higher-fidelity signature matches based on precise application context.

    Gain Elastic Throughput

    Scale inspection capacity automatically and eliminate hardware bottlenecks with IDS/IPS functionality built in to each workload.

    Simplify Your Network Architecture

    Reduce network congestion and simplify network design by eliminating the need to hair-pin traffic to centralized appliances.

    Improve Utilization of Compute Capacity

    Re-use existing stranded compute capacity and eliminate the need for dedicated appliances.

    Related Resources

    IDS/IPS Technical Overview

    IDS/IPS in the data center operate under different constraints than traditional IDS/IPS. Watch the lightboard video to understand why.

    Forrester: Rethink Your Firewall Strategy

    See why enterprises are rethinking their firewall strategy and focusing more on securing east-west network traffic to enable zero trust.

    Is Your Security Plan Working?

    Learn why enterprises continue to get breached, despite significant spending on security, and how to get started with intrinsic security in your network, using data that you already have.

    Frequently Asked Questions

    NSX Distributed IDS/IPS is an application-aware intrusion detection system/intrusion prevention system (IDS/IPS) purpose-built for analyzing east-west traffic and detecting lateral threat movements.

    NSX Distributed IDS/IPS uses an all-software distributed approach by moving traffic inspection out to every workload. It eliminates the need to hair-pin traffic to discrete appliances, ensuring comprehensive coverage without any blind spots.

    Key capabilities of NSX Distributed IDS/IPS include:

    • Distributed analysis
    • Curated, context-based signature distribution
    • Application context-driven threat detection
    • Policy and state mobility
    • Automated policy lifecycle management

    For full capabilities, see the solution overview.

    Use cases for NSX Distributed IDS/IPS include:

    • Easily achieving regulatory compliance
    • Virtualizing security zones
    • Replacing discrete appliances
    • Virtual patching vulnerabilities

    The benefits of NSX Distributed IDS/IPS include:

    • Reduction in false positives
    • Simplified network architecture
    • Elastic throughput
    • Improvement in capacity utilization

    Why VMware for Intrusion Detection/Prevention System?