Network virtualization offers a functioning micro-segmentation solution using the distributed firewall functionality of VMware NSX for vSphere. This service delivers enhanced security protections to workload-to-workload traffic, either virtual-to-virtual or virtual-to-physical, and provides granular, dynamic control over security policies within the software-defined data center. This chapter includes the following modules:
- The micro-segmentation and security service provides assessment, technical validation of prerequisites, design, deployment, and validation of NSX for vSphere micro-segmentation functionality. This includes L2-L4 distributed firewalls (DFW), the identity firewall, basic service composer, activity monitoring, and logging.
- The assessment, design, and integration of NSX for vSphere with next-generation firewall-VM Series for NSX and vCenter manager.
- The implementation of firewall policies, workload traffic, VM-to-VM traffic, redirection to L4-L7 deep packet inspection,...