Network & Security

Home / Our Solutions / Network & Security

VMware NSX Data Center

Third-Party Partner Integration

Features of VMware NSX Data Center


Enable logical Layer 2 overlay extensions across a routed (Layer 3) fabric within and across data center boundaries. Support for VXLAN- and GENEVE-based network overlays.


Dynamic routing between virtual networks performed in a distributed manner in the hypervisor kernel, scale-out routing with active-active failover with physical routers. Static routing and dynamic routing protocols supported, including support for IPv6.

Gateway Firewall

Stateful firewalling up to Layer 7 (including app identification and distributed FQDN whitelisting), embedded in the NSX gateway, distributed across entire environment with centralized policy and management.

Distributed Firewall

Stateful firewalling up to Layer 7 (including app identification and distributed FQDN whitelisting), embedded in the hypervisor kernel, distributed across entire environment with centralized policy and management. In addition, the NSX Distributed Firewall integrates directly into cloud native platforms such as Kubernetes and Pivotal Cloud Foundry, native public clouds such as AWS and Azure, as well as bare-metal servers.

Load Balancing

L4–L7 load balancer with SSL offload and pass-through, server health checks (and passive health checks), and application rules for programmability and traffic manipulation via GUI or API.


Site-to-site and remote-access VPN capabilities, unmanaged VPN for cloud gateway services.

NSX Gateway

Support for bridging between VLANs configured on the physical network and NSX overlay networks, for seamless connectivity between virtual and physical workloads.

NSX Intelligence

NSX Intelligence provides automated security policy recommendations and continuous monitoring and visualization of every network traffic flow for enhanced visibility, enabling a highly and easily auditable security posture. As part of the same UI as NSX-T™ Data Center, NSX Intelligence provides a single pane of glass for both network and security teams.

NSX Distributed Threat Prevention (NSX Distributed IDS/IPS)

NSX Distributed IDS/IPS™ is an advanced threat detection engine purpose-built to detect lateral threat movement on east-west traffic. The unique distributed architecture, combined with precise application context, enables security teams to replace discrete appliances while easily achieving regulatory compliance and creating virtual security zones without physical separation of infrastructure.


Centralized policy configuration and enforcement across multiple locations from a single pane of glass, enabling network-wide consistent policy, operational simplicity and simplified disaster recovery architecture.

Virtual Routing and Forwarding (VRF)

Complete data plane isolation among tenants with a separate routing table, NAT and edge firewall support in each VRF on the NSX Tier 0 gateway.

NSX Data Center API

RESTful API based on JSON for integration with cloud management platforms, DevOps automation tools and custom automation.


Native operations capabilities such as central CLI, traceflow, overlay logical SPAN and IPFIX to troubleshoot and proactively monitor the virtual network infrastructure. Integration with tools such as VMware vRealize Network Insight for advanced analytics and troubleshooting.

Context-Aware Micro-Segmentation

Security groups and policies can be dynamically created and automatically updated based on attributes beyond just IP addresses, ports and protocols—to include elements such as machine name and tags, operating system type and Layer 7 application information to enable adaptive micro-segmentation policy. Policies based on identity information from Active Directory and other sources enable user-level security down to the individual user session level in remote desktop services and virtual desktop infrastructure (VDI) environments.

Automation and Cloud Management

Native integration with vRealize Automation/vRealize Automation Cloud, OpenStack and more. Fully supported Ansible modules, fully supported Terraform provider and PowerShell integration.

Third-Party Partner Integration

Support for management, control plane and data plane integration with third-party partners in a wide variety of categories such as next-generation firewall, intrusion detection system (IDS)/intrusion prevention system (IPS), agentless antivirus, switching, operations and visibility, advanced security and more.

Multi-Cloud Networking and Security

Enable consistent networking and security across data center sites, and across private and public cloud boundaries, irrespective of underlying physical topology or cloud platform.

Container Networking and Security

Supports load balancing, micro-segmentation (distributed firewalling), routing and switching for containers on platforms built on Kubernetes and Cloud Foundry, running on either VMs or bare-metal hosts. Provides visibility for container network traffic (logical ports, SPAN/Mi, IPFIX and traceflow).

Benefits of VMware NSX Data Center

Harness Agility Through Automation

Bring one-click provisioning to your networking and security services — access powerful flexibility, agility, and scale — by running a complete L2-L7 stack in software, decoupled from underlying physical hardware.

Enjoy Consistent Multi-Cloud Operations

Manage consistent networking and security policies across private and public clouds , from a single pane of glass, regardless of where your application runs – VM, container, or bare metal.

Make Your Security Intrinsic

Deliver granular protection for your apps via micro-segmentation to the individual workload. Create context-aware security policies per workload while leveraging IDS/IPS to defend against lateral threats across multi-cloud environments.

Save on Both CapEx and OpEx

Lower CapEx by up to 35% by consolidating networking and security functions to a single distributed virtualization platform and slash OpEx via simplified operations and optimized traffic flows.


Check Point Software Technologies Ltd. (, is the largest pure-play security vendor globally, provides industry-leading solutions, and protects customers from cyberattacks with an unmatched catch rate of malware and other types of attacks. Check Point offers a complete security architecture defending enterprises’ networks to mobile devices, in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes. At Check Point, we secure the future


Palo Alto Networks is the next-generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for tens of thousands of organizations worldwide. Built with an innovative approach and highly differentiated cyberthreat prevention capabilities, our game-changing security platform delivers security far superior to legacy or point products, safely enables daily business operations, and protects an organization’s most valuable assets. Find out more at


Fortinet protects the most valuable assets of some of the largest enterprise, service provider and government organizations across the globe. Fortinet’s mission is to deliver the most innovative, highest performing network security platform to secure and simplify your IT infrastructure. The company's cybersecurity solutions provide broad, high-performance protection against dynamic security threats while simplifying the IT infrastructure. They are strengthened by the industry's highest level of threat research, intelligence and analytics. More than 265,000 customers worldwide, including some of the largest and most complex organizations, trust Fortinet to protect their brands.


250+ million endpoints. 500,000+ companies worldwide. One security software company. For nearly 30 years, Trend Micro’s unwavering vision has been to make the world safe for exchanging digital information. Security is our entire focus, and it shows. This single-minded passion has inspired our innovations that keep up with the bad guys despite a changing IT landscape, riskier user behavior, and constantly evolving threats.