VMware NSXとSDN（Software Defined Network）のためのセキュリティポリシーの自動化

Improve your cybersecurity and internal workflows with VMware NSX. NSX service-defined, distributed firewalls (DFW) protect each virtual machine (VM) within a data center with its own firewall, which runs the entire set of security capabilities for any traffic going through the firewall. In helping to virtualize switching, firewalling, load balancing, and routing, NSX is helping organizations realize the full value of the software-defined data center.

Key benefits include:

• Granular security that prevents threats for spreading laterally with micro-segmented security policies at workload level

• Stateful, NSX distributed firewall embedded in hypervisor kernel and distributed across the entire environment

• Improved operational efficiency and agility with by reducing provisioning time from days to seconds

• Enhanced visibility with visualization of every network traffic flow

• Configure and manage subnets for Kubernetes namespaces

• Manage network and security controls and policies independent of physical network topology across data centers, public and private clouds, and application frameworks

• Enable stateful firewalling up to Layer 7 across multi-cloud environments

• Simplified security operations with faster time to discover, analyze and enforce segmentation policies

• Detect threat movement on east-west traffic with distributed analysis

• Run a security policy within the hypervisor level so that traffic that goes through any VM is inspected as soon as it hits a virtual wire

• A full suite of logical networking and security capabilities, including logical switching, routing, firewalling, load balancing, VPN, and monitoring

• Seamless connection between virtual and physical workloads with bridging between VLANs configured on NSX overlay networks and physical networks

• Attain zero trust security for applications in private and public cloud environments

• API integration with next-generation firewalls, intrusion prevention systems (IPS), agent-less antivirus, advanced security, and more

• Create, configure, and monitor NSX components with NSX Manager, which supplies an aggregated system overview and allows you to activate the malware prevention feature

• Eliminate the need for hairpinning east-west traffic with NSX’s distributed internal firewall

NSX is suitable for use cases related to network security, multi-cloud networking, automation, networking and security for cloud-native apps.

There are two types of NSX platforms. NSX for vSphere (NSX-v) is specific to vSphere hypervisor environments and requires installation of the VMware vCenter. VMware NSX-T (NSX-Transformers) can be used in cases when NSX-v does not apply. NSX-T supports SDN for VMware vSphere as well as network virtualization for Kubernetes, Docker, KVM, OpenStack, and AWS native workloads.