Advanced Security Enhancement in NSX

Advanced Security Enhancement in NSX

The NSX Distributed Firewall has added malware detection and prevention support for Linux guest endpoints (VMs). Linux has become the most common operating system across multi-cloud environments.

In addition, we expanded the support for malware analysis for known and unknown files. Along with hash-based detection for new files, we added support for local and cloud analysis for unknown files of up to 64MB.

Prior to NSX, the NSX Gateway supported Active/Standby High Availability mode where traffic is forwarded through a single active NSX Gateway.  This deployment mode required additional design and architecture considerations such as limits induced by the Active/Standby mode on bandwidth and CPU utilization.

Additionally, brings added support for malware detection to the NSX Gateway Firewall running directly on bare metal, allowing for consistent protection regardless of whether customers choose a virtual or physical form factor

NSX introduces 16 additional NSX Edge metrics that further enhance monitoring and troubleshooting.  This includes flow cache metrics, queue occupancy for fast path interfaces, and NIC throughput on ingress and egress on the NSX Edge fast path interfaces.

more details refer -


Version history
Revision #:
2 of 2
Last update:
‎01-16-2023 06:20 PM
Updated by: