Call a Specialist Today!877-352-0547
Free Shipping!Free Shipping!

NSX Service-defined Firewall
Secure Your Data Center with a Purpose-Built Firewall


NSX Service-defined Firewall

At A Glance

What is NSX Service-defined Firewall?

NSX Service-defined Firewall is a distributed, scale-out internal firewall that protects all east-west traffic with security that’s intrinsic to the infrastructure, radically simplifying the security deployment model.Secure your data center with a full-stack firewall distributed at each workload, that requires no network changes, automates policy, and eliminates blind spots.

How does NSX Service-defined Firewall work?

NSX Service-defined Firewall uses an intrinsic approach to security that's built into the hypervisor. It includes a stateful L4-L7 firewall, an intrusion detection/prevention system (IDS/IPS), network sandbox, and behavior-based network traffic analysis.

NSX Service-defined Firewall

Leverage a Proven Data Center Security Model

Attackers are increasingly focused on finding and exploiting vulnerabilities in your network, making east-west traffic the new battleground. NSX Service-defined Firewall offers a software-delivered, distributed architecture and advanced threat prevention. It enables zero-trust security that’s easy to deploy and automates policy while reducing overall costs.

Hyperscale Throughput

Get complete coverage with up to 20Tbps firewalling per SDDC.

Up to 75% Savings in CapEx

Lower CapEx relative to traditional firewall appliances.

Up to 73% savings in OpEx

Lower OpEx, with no network changes and automated policies.

Use Cases:

Easy Network Segmentation

Gain visibility into traffic and easily create network segmentation by defining segments entirely in software—no need to change your network or hairpin traffic by deploying discrete appliances.

Zero Trust in the Data Center

Easily create, enforce, and manage micro-segmentation policies with deep visibility and comprehensive security policy controls.

Ubiquitous Virtual Patching

Detect and prevent malicious traffic with distributed IDS/IPS at every workload, allowing you to reduce operational burden by applying virtual patching to vulnerable workloads.

Block Advanced Threats

Leverage multiple advanced threat prevention techniques to detect intrusion attempts and malicious behavior from known and unknown malware and block threats from moving laterally across your network.

What are the key benefits of NSX Service-defined Firewall?


No Network Changes


Replace multiple appliance-based solutions and radically simplify firewall deployment and operations by eliminating changes to the network and avoiding traffic hair-pinning.

Eliminate Blind Spots


Get unmatched visibility into your network and unrivaled workload context to identify and block threats, while remaining isolated from the attack surface.


Security as Code


An API-driven, object-based policy model delivers policy recommendations, automates policy mobility and ensures new workloads automatically receive appropriate security policies.

Consistent Policy Across Multi-Cloud

Achieve agile security via consistent firewall policies across multiple environments. Write your policy once and automatically enforce it everywhere.

Feature Comparision


NSX FIREWALL NSX FIREWALL WITH ADVANCED THREAT PREVENTION
Distributed & Gateway Firewall (L4–L7)
NSX Intelligence Standard
(Real-time flow analysis and automated
security policy formulation)
Distributed IDS/IPS
Network Detection & Response
(NDR) (cloud-based1)
Network Sandbox (cloud-based2)

Download the NSX Service-Defined Firewall Datasheet(PDF).


Contact us to Learn More!

Find out how you can reduce your expenses today.