|
|
This video is part of the appearance, “VMware Presents at Security Field Day 3“. It was recorded as part of Security Field Day 3 at 8:00-10:00 on May 14, 2020.
Watch on YouTube
Watch on Vimeo
VMware NSX Distributed IDS/IPS is an application-aware traffic inspection engine purpose built for analyzing internal east-west traffic and detecting lateral threat movements. The engine runs within the hypervisor to optimize packet inspection. NSX Distributed IDS/IPS combines industry-leading signature sets, protocol decoders and anomaly detection-based mechanisms to hunt for known and unknown attacks in the traffic flow. It also benefits from rich application context, driving lower false positive rates while incurring minimal computational overhead on the host.
Personnel: Dhruv Jain, Stijn Vanveerdeghem