VMware NSX provides software-defined networking, virtual networking security services of logical firewalling, logical switching, and logical routing. Virtual network designers programmatically assemble these services in any arbitrary combination to produce unique isolated virtual networks. This technology provides more detailed security than traditional hardware appliances. In virtual environments, you can apply these services at the vNIC level. Traditional services are configured on the physical network.
Selected VMware NSX capabilities are described in detail in the VMware NSX for vSphere (NSX) Network Virtualization Design Guide. You can find procedures for implementing these capabilities in the VMware NSX for vSphere documentation.
NSX is the VMware network virtualization security platform that you can use to construct a secure virtual network environment for your software-defined data center. Use NSX to construct a secure virtualized network by deploying and managing software-defined firewalls, routers, gateways, and their policies. Where VMs are independent of the underlying physical platform and allow IT to treat physical hosts as a pool of compute capacity, virtual networks are independent of the underlying IP network hardware. IT can treat the physical network as a pool of transport capacity that can be consumed and repurposed on demand. Using NSX, you can protect the north south edge traffic and the east-west traffic across network and compute stacks that must maintain data integrity. For example, workloads from different tenants can run securely on individual isolated virtual networks even though they share the same underlying physical network.