vCloud Director provides the advanced networking capabilities powered by the NSX network virtualization software that offer enhanced security controls and routing and network scaling capabilities in a cloud environment.
Using these networking capabilities, you can achieve unprecedented security and isolation in your organization virtual data center. These capabilities deliver the following benefits:
- Dynamic routing. The NSX capabilities in your vCloud Director environment support routing protocols such as Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF) to simplify network integration between systems, to provide redundancy and continuity in a cloud-hosted application deployment.
- Fine-grained network security and isolation. The NSX capabilities in your vCloud Director environment support the use of object-based rule definitions to provide stateful network traffic isolation without requiring multiple virtual networks. This zero-trust security model prevents intruders from gaining full network access if an application or virtual machine is compromised. Network configuration is simplified by using the same network security policies to protect applications wherever they are physically located in the vCloud Director environment and to extend your zero-trust security model for portable security no matter where an application is deployed.
- Additional capabilities provided by NSX are enhanced VPN support for point-to-site (IPsec VPN) and user (SSL VPN-Plus) connectivity, enhanced load balancing for HTTPS, and expanded network scalability.
You can configure two types of firewalls: the edge gateway firewall and the distributed firewall. For more information about the differences between these firewalls, see Firewall Configuration Using the Tenant Portal.
You access these advanced networking capabilities using the vCloud Director tenant portal or the vCloud Director Service Provider Admin Portal. The edge gateway must first be converted to an advanced edge gateway. See Convert an Edge Gateway to an Advanced Edge Gateway.