To provide Layer 3 and Layer 2 network security in a VMware Cloud Director organization virtual data center, you can enable and create rules for the distributed firewall on this organization virtual data center. With the distributed firewall rules, you can protect traffic traveling between virtual machines in an organization virtual data center.
VMware Cloud Director supports distributed firewall services on organization virtual data centers that are backed by NSX Data Center for vSphere.
For creating the distributed firewall rules, you can use various grouping objects and security groups. See Custom Grouping Objects for NSX Data Center for vSphere Edge Gateways in the VMware Cloud Director Service Provider Admin Portal and Working with Security Groups for NSX Data Center for vSphere Edge Gateways by Using Your VMware Cloud Director Service Provider Admin Portal.
For information about protecting traffic to and from an edge gateway, see Managing an NSX Data Center for vSphere Edge Gateway Firewall in the VMware Cloud Director Service Provider Admin Portal.