
VMware vDefend Distributed Firewall

Pricing from: Contact the product provider
Free trial: unavailable
Free version: unavailable
User corporate size: Small, Medium, Large
User industry
  1. Information technology and software
  2. Healthcare and life sciences
  3. Energy and utilities

What is VMware vDefend Distributed Firewall

VMware vDefend Distributed Firewall is a hypervisor-distributed firewall that enforces network security policy at the virtual network interface level for workloads running in VMware environments. It is used by infrastructure and security teams to implement micro-segmentation, east-west traffic control, and application-aware rules inside data centers and private clouds. The product integrates with VMware’s virtualization and networking stack to apply policy close to workloads rather than relying only on perimeter appliances. It is typically deployed as part of VMware’s broader network virtualization and security platform.

Pros

Micro-segmentation at workload level

The firewall enforces rules at the vNIC level, which supports granular segmentation between workloads on the same host or across clusters. This design is well-suited for controlling east-west traffic that may not traverse traditional perimeter firewalls. Policies can be expressed in terms of workload attributes (for example, groups/tags) rather than only IP addresses, which helps in dynamic virtualized environments.

Distributed enforcement architecture

Because enforcement occurs in the hypervisor, traffic does not need to hairpin through centralized firewall appliances for many internal flows. This can reduce reliance on choke points for intra-data-center controls and can simplify segmentation designs in highly virtualized environments. The approach aligns with operational models where security controls are embedded into the virtualization layer.

Tight VMware platform integration

The product integrates with VMware management and networking components, enabling policy to follow virtual machines as they move (for example, during vMotion) within the environment. It supports centralized policy management and consistent enforcement across hosts where the relevant VMware components are deployed. This integration can reduce the number of separate security control planes required for internal segmentation in VMware-centric estates.

Cons

VMware ecosystem dependency

The distributed firewall is primarily designed for VMware virtualized environments and depends on VMware’s underlying platform components. Organizations with significant non-VMware virtualization, bare metal, or heterogeneous cloud networking may need additional controls to achieve consistent segmentation. This can increase architectural complexity when standardizing policy across mixed environments.

Operational and policy complexity

Micro-segmentation requires careful application discovery, rule design, and ongoing policy lifecycle management to avoid outages. Teams often need mature processes for change control, exception handling, and troubleshooting distributed rules. Without disciplined governance, rule sprawl and inconsistent intent mapping can become operational risks.

Licensing and packaging variability

Capabilities and entitlements can vary by VMware/Broadcom packaging and editions, which can complicate procurement and long-term planning. Costs may be harder to compare directly with standalone firewall products because the firewall is commonly bundled with broader virtualization/networking suites. Organizations may need detailed SKU validation to confirm feature availability for their use case.

Plan & Pricing

Pricing model: Per-compute-core subscription (add-on to VMware Cloud Foundation)

How sold / Editions:

  • VMware vDefend Firewall: delivers Distributed Firewall (DFW), Gateway Firewall (GFW), Container Security (license delivered as solution key).
  • VMware vDefend Firewall with Advanced Threat Prevention: adds Advanced Threat Prevention (ATP) capabilities.

Units / Metering: Licensed and metered per compute core for Distributed Firewall (1 compute core = 1 license unit); Gateway Firewall metering is expressed per gateway firewall core (gateway core grouping applies). Metering and overage billing for vDefend add-ons is supported via VCF Usage Meter.

Public list prices / MSRP: Not published on the public product pages; official MSRP/price list for VCF and add-ons is maintained in the Broadcom/VMware partner/portal (customers/partners are directed to Broadcom/VMware sales or the Broadcom Portal for MSRP).

Key notes:

  • Licenses are issued as solution keys in the Broadcom Support/Entitlements portal.
  • vDefend is offered as an add-on to VMware Cloud Foundation and is positioned and documented as a per-core add-on (DFW/GFW/ATP as selectable offers).
  • Public-facing product pages and blogs describe features and packaging but do not publish numeric per-core list prices; customers are directed to contact sales or partners for price lists.

(Official sources used: VMware product/blog pages and Broadcom (VMware) knowledge/press pages.)

Seller details

Broadcom Inc.
Palo Alto, California, USA
1961
Public
https://www.broadcom.com/
https://x.com/Broadcom
https://www.linkedin.com/company/broadcom/

Tools by Broadcom Inc.

VMware Integrated OpenStack
Layer7 API Management
Layer7 API Gateway
Layer7 API Developer Portal
Clarity Design System
Automic Automation
Tanzu
Photon OS
VMware NSX
CA Endevor
Panvalet
Broadcom Service Virtualization
CA RFID Asset Management
Clarity
VMware Cloud Foundation
VMware Cloud Director
VMware Cloud on AWS
VMware vSphere Foundation
DX Unified Infrastructure Management
