VMware Networking Community
Sateesh_vCloud

VMWare virtual IDS/IPS appliance on network overlays

My Customer requirement is to deploy "VMWare virtual IDS/IPS appliance on network overlays"

Do we have such feature in NSX?

vCNS is also having such features?

------------------------------------------------------------------------- Follow me @ www.vmwareguruz.com Please consider marking this answer "correct" or "helpful" if you found it useful T. Sateesh VCIX-NV, VCAP 5-DCA/DCD,VCP 6-NV,VCP 5 DCV/Cloud/DT, ZCP IBM India Pvt. Ltd
Tags (2)
Reply
0 Kudos
2 Replies
thakala
Hot Shot
Hot Shot

NSX itself does not provide IDS or IPS functionality, but it provides API for 3rd party tools to provide these features on virtual networks. At least Palo Alto Networks and Intel Security have NSX compatible virtual firewall appliances which provide IPS and IDS functionality. For IDS only NSX supports Netflow and IPFix for exporting flow data which allows use of any Netflow or IPFix capable IDS like Lancope StealthWatch.

Tomi http://v-reality.info
jakewilson
Contributor
Contributor

Since NetFlow and IPFIX (Standard) are supported by many vendors, you can also use the IDS capabilities provided by Scrutinizer from Plixer.  It also scales to meet the demands of larger networks.

Reply
0 Kudos