NSX Intrusion Detection and Prevention Service (IDS/IPS) monitors east-west traffic and north-south traffic to detect malicious traffic patterns by comparing the traffic against a known set of intrusion detection signatures. NSX Malware Prevention extracts files from the east-west traffic and north-south traffic and analyzes these files for malicious behavior.
What to read next
Getting Started with NSX IDS/IPS and NSX Malware Prevention NSX IDS/IPS and NSX Malware Prevention features. Understand the system requirements, terminologies used, and complete the prerequisites tasks to prepare your data center for using these two features.Offline Downloading and Uploading NSX Intrusion Detection Signatures NSX , you can use APIs to manually download the NSX intrusion detection signature bundle (.zip ) file, and then upload the signature bundle to NSX Manager . Perform the following steps to download signatures in an offline mode and upload them on NSX .Adding Security Profiles NSX Malware Prevention security protection in your data center, you must attach security profiles to Distributed Firewall rules and Gateway Firewall rules. Using NSX IDS/IPS and NSX Malware Prevention on a Distributed Firewall NSX Malware Prevention feature to detect malicious files in the distributed east-west traffic.Using NSX IDS/IPS and NSX Malware Prevention on a Gateway Firewall NSX Malware Prevention feature to detect malicious files in the north-south traffic.Distributed IDS/IPS Logs Monitoring File Events Monitoring IDS/IPS Events Administering NSX Malware Prevention NSX Malware Prevention feature by using the NSX Application Platform page in the Security tab. Troubleshooting NSX Malware Prevention NSX Malware Prevention feature.
