NSX Application Platform Overview

Before you start deploying the VMware NSX^® Application Platform, familiarize yourself with an overview of its purpose and the prerequisites you must meet to successfully deploy the platform.

Deployment Modes

The NSX Application Platform is a modern microservices platform that you can deploy automatically or manually in your NSX environment.

The NSX Application Platform Automation Appliance is a virtual appliance that provides a lightweight bootstrap environment to automate the provisioning of the underlying vSphere with Tanzu and NSX Application Platform. See Automating Deployment of the NSX Application Platform.

Note: The recommended method for deploying the NSX Application Platform is to use the automated appliance.
You can also install and configure the Tanzu Kubernetes Grid (TKG) Cluster on Supervisor or an Upstream Kubernetes cluster and manually install the NSX Application Platform. See Manual Deployment of the NSX Application Platform.

Related Security Services

NSX Application Platform hosts security service capabilities to collect, ingest, and correlate network traffic data in your NSX environment. These features are either automatically activated or are available for activation after a successful NSX Application Platform deployment, depending on your license. The system prerequisites assigned for each feature must also be met to activate it.

Security Service	Functionality
Security Intelligence	The Security Intelligence service provides a distributed network analytics engine for managing the security posture of your NSX data center environment. A detailed graphical visualization of every workload in your NSX data center and all the traffic flows that occurred with those workloads during the specified period. The visualization includes a complete inventory and meta-data of every workload and the continuous layer 7 analysis of every flow. This feature helps eliminate security blind spots and accelerates security incident remediation. The ability to generate firewall recommendations for security policies, policy security groups, and application services. The recommendations assist you in implementing firewall micro-segmentation at the application level. Implementing the recommendations can enforce a more dynamic security policy by correlating traffic patterns of communication between the VMs, physical servers, and IP addresses in your NSX data center environment. For more information, see the Activating and Upgrading Security Intelligence documentation.
VMware NSX^® Network Detection and Response™	NSX Network Detection and Response service provides a scalable threat detection and response solution for workloads. The NSX Network Detection and Response correlation engine analyzes Intrusion Detection/Prevention System (IDS/IPS) events based on threat campaigns, which helps prevent alert overload and simplifies your security operations monitoring processes. This service provides simplified threat triage, scoping, and threat hunting aligned to the MITRE ATT&CK^® Framework. With NSX Network Detection and Response, you can strengthen your network security posture, enhance threat detection capabilities, and respond more effectively to potential security incidents, ultimately reducing the risk of data breaches and unauthorized access to sensitive information. For more details, see the VMware NSX Network Detection and Response documentation.
VMware NSX^® Malware Prevention	NSX Malware Prevention extracts files from the east-west traffic and north-south traffic and analyzes these files for malicious behavior. NSX Malware Prevention can detect and prevent known and unknown malicious files. Unknown malicious files are also referred to as zero-day threats. To detect malware, NSX Malware Prevention uses a combination of the following techniques: Hash-based detection of known malicious files Local analysis of unknown files Cloud analysis of unknown files For information more details, see the VMware NSX Malware Prevention documentation.
VMware NSX^® Metrics	NSX Metrics collects data to monitor key statistics across the entities in your NSX and NSX Application Platform environments. With NSX Metrics service you can monitor theNSX Manager, NSX Edge, NSX distributed firewall, gateway firewall, IDS, and TLS, with point-in-time and time-series capabilities. By default, the data collection feature is activated after a successful deployment and can be deactivated by toggling the NSX Data Collection option from the System > NSX Application Platform > Metrics > widget. For more details, see the NSX Application PlatformMetrics and Metrics API.