Tuesday, 30 August 2016

Overview VMware NSX Distributed Firewall

We have already seen couple of articles related to VMware NSX wherein we discuss about VMware NSX Overview and  An Insight to VMware NSX Layers.

Dedicated this article for a quick overview VMware NSX Distributed Firewall which is one of the feature available with VMware NSX.


NSX Distributed Firewall is a Kernel Embedded Firewall providing the control for our Virtualized Networks and the Workloads.

With Distributed Firewall we can enforce rules at vNiC level yes we are talking about the Virtual Nic Card of a Virtual Machine.

Distributed Firewall is running inside the ESXi host as Kernel Space Module which means the more the number the of ESXi the better would be the Overall Capacity of NSX Distributed Firewall.

Distributed Firewall enforces security policies based on VMware vCenter objects like datacenters and clusters, virtual machine names and tags, network constructs such as IP/VLAN/VXLAN addresses irrespective of where the Virtual Machine resides and how they are connected.

When it Comes to applying the Firewall Rules NSX Manager is used which then pushes all the Firewall Rules to the underlying ESXi hosts. 

What all Firewall Rules can be applied ? We can Create Network Based Rules IPv4,IPV6 and MAC Addresses, Virtualization and Application Aware Rules.

No comments:

Post a comment