VMware Inc. (NYSE: VMW) today announced that the Defense Information Systems Agency (DISA) has added the Security Technical Implementation Guide (STIG) for VMware NSX® to the Department of Defense (DoD) Cyber Exchange.
The updated DISA STIG outlines the installation requirements, security policies and controls for deploying VMware NSX within the Department of Defense and other federal agencies. The STIG will also help provide a vetted, more secure baseline for non-DoD entities to measure their security posture.
Across the public sector, agencies are navigating accelerated innovation alongside the journey to Zero Trust security. As the threat landscape evolves, the release of DISA's STIG for VMware NSX will empower agencies to leverage VMware's advanced network virtualization and security platform to better protect and manage their multi-cloud environments. With VMware NSX, we are helping customers modernize their cloud networks to deliver apps faster while also protecting against today’s threats.”
Jennifer Chronis, vice president, public sector, VMware.
The STIG requirements confirm VMware NSX implementation is consistent with DoD cybersecurity policies, standards, architectures, security controls and validation procedures, when applicable NIST SP 800-53 cybersecurity controls are applied to all systems and architectures. The DISA STIG for VMware NSX provides guidance on configuring various components of an NSX environment, including the NSX Manager, Gateway Router, Distributed Firewall, and Gateway Firewall.
The latest version of NSX joins VMware vSphere and VMware vSAN for which DISA has previously released STIGs. To view the official STIG, visit the DoD Cyber Exchange Public website and view the STIG release memo for VMware NSX.
Multi‑Cloud for Mission Success
Earlier this month, VMware announced the findings of a study on how government agencies are scaling the use of multi-cloud environments. The study, titled “Multi-cloud Is The New Frontier Of Government IT," conducted by Forrester Consulting, found that while the move to multi-cloud is a priority, agencies face challenges in supporting growing cloud environments, including compliance standards, data security and upskilling employees.