VMware Adds Distributed IPS/IDS to NSX

In this piece, Justin Warren looks at how VMware is adding security features to its networking efforts, something they recently highlighted at Security Field Day. Part of this involves adding intrusion detection/prevention to NSX. For Justin, support for groups and tags has been a vital inclusion. Groups allow admins to group objects together and set common rules against that group. Meanwhile tags let you add arbitrary attributes that follow an information scheme. Combined these two features can provide a way for admins to compliment their packet policies for security. Justin still thinks VMware needs to further operationalize these features to make them truly comprehensive for network security, but clearly the effort is being put into their platforms.

Read More

References