When VMware launched NSX earlier this year, it promised a network controller -- extensible using published APIs -- that allows higher level network services such as firewalls, load balancers and application accelerators to plug in at any point in a virtual network. VMware touted more than 20 partners working on NSX integration. The vision sounded great, but given VMware's inclusion of several network services in NSX including firewall, load balancing and VPN termination, it was easy to assume that the promised virtual ecosystem was DOA.

Palo Alto Networks has countered that assumption with its firewall appliance for NSX. Selling optional services against a built-in feature is never an easy task, but Palo Alto has taken up the challenge.

The new appliance marries Palo Alto's next-generation firewall, in virtual appliance form, and Panorama central management platform with ESXi VMs by plugging into the NSX virtual network controller. It's a logical extension of Palo Alto's existing VM-Series by moving the virtual firewall from the VM to the hypervisor, plugging directly into the NSX vSwitch to access all hosts on a given system.

According to Danelle Au, solutions marketing director at Palo Alto Networks, tighter integration into the network control plane via NSX allows better tracking of VM movement, more granular control and easier service insertion to existing VMware infrastructure.

Read the rest of this story at Network Computing.