Do You Manage Peer Insights at Broadcom (VMware)?
Access Vendor Portal to update and manage your profile.
This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.
The number one thing that my team loves about the distributed firewall is the ability to enforce zero trust policies in the virtual infrastructure. The policies that can be created can be quite constrictive and can be applied down to the virtual network interface. This results in a high level of security and communication between the virtual servers. My team also loves how easy it is to create segmentation rules. Practically anything can be used to build a policy (name of the virtual machine, operating system, cluster membership). The wide range of tags really helps to build customized rules for segmentation. Finally, my team loves how well it integrates with the VMWare infrastructure. The segmentation policies can follow the virtual server across datacenters, hosts and clusters.
The creation of distributed rules and the visualization of communication flows are quite interesting.
1. Microsegmentation Zero-trust 2.Distributed enforcement 3.Context aware security
The product can be quite expensive, especially given Broadcom's new licensing model. This solution is only available in their higher tier of licensing, which many organizations may find cost prohibitive to implement. Implementing the distributed firewall also increases operational complexity. Your IT team should be properly trained before this product is implemented in production. If a firewall rule is created incorrectly, it could result in unexpected downtime. My team found that this product also generates a significant amount of logging. This is important to note, especially if you have these logs configured to be ingested by a SIEM, since the increased logging could impact the SIEM's performance and take up more space.
After 4 years of implementing the solution, component failures became frequent, especially in management modules like NSX Intelligence.
1) NSX Policy and Security Products can be more complex for new admin to NSX 2) Enterprise NSX license can be expensive for smaller setup 3.Troubleshooting Complexity
