NTT SmartConnect Launches "VMware Micro-segmentation" Menu for its Cloud Services

NTT SmartConnect Corporation (Headquarters: Osaka City, Osaka Prefecture; President and CEO: Taketo Miyaoku; hereinafter "NTT SmartConnect") has announced the launch of the "VMware Micro-segmentation" menu for its cloud service, SmartConnect Cloud Platform (Type-S) (hereinafter "SCP Type-S").

"VMware Micro-segmentation" is a menu offered by NTT SmartConnect, a VCSP certified partner, that utilizes the "VMware vDefend Firewall" product (hereinafter "this product") to provide a "Distributed Firewall" capable of controlling communication between virtual machines within the same segment (micro-segmentation). The IDS/IPS (Intrusion Detection/Prevention System) functionality within this product's distributed firewall will be a pioneering offering in Japan.

Traditionally, perimeter defense (measures at system entry/exit points) has been the mainstream. However, by utilizing this menu, "lateral movement defense" can be achieved, preventing the spread of threats that have infiltrated the system. This enables more robust security measures against increasingly sophisticated cyberattacks.

**■ What is SCP Type-S?** It is a domestic private cloud service that provides a host-dedicated virtualization platform for customers who wish to use IT infrastructure in the cloud.

**■ What is VMware vDefend Firewall / Distributed Firewall?** It is a firewall product from Broadcom that operates at the hypervisor layer and is applied per virtual machine's virtual network interface (vNIC).

**■ What is a VCSP Certified Partner?** It refers to a VMware Cloud Service Provider certified partner designated by Broadcom.

**1. Background and Purpose** Recently, as a countermeasure against increasingly sophisticated cyberattacks, there has been a growing need for "lateral movement defense" (horizontal movement measures) to prevent the spread of threats that have infiltrated the system, in addition to traditional perimeter defense (measures at system entry/exit points).

To meet these needs, NTT SmartConnect has launched the "VMware Micro-segmentation" menu, which enables communication control between virtual machines.

By utilizing this menu, fine-grained communication control can be achieved for each virtual machine within the SCP Type-S environment.

<Lateral Movement Defense Image>

**2. Overview and Features** The "VMware Micro-segmentation" menu utilizes the "VMware vDefend Firewall" product to provide a "Distributed Firewall" that operates on the hypervisor (ESX) on SCP Type-S *1.

Traditionally, perimeter defense was mainstream, and to control communication within a LAN, it was necessary to finely divide VLANs and route traffic through a perimeter firewall. This led to challenges in network configuration complexity and communication control within the same segment.

By introducing this menu, communication within the same segment between virtual machines can be controlled (micro-segmentation), thereby achieving "simplified network configuration (improved operational efficiency)" and "prevention of lateral movement (robust security measures)."

**<Main Functions>** **・Control per virtual machine:** Communication control is performed directly before the virtual machine's NIC (Network Interface), allowing detection and blocking of unnecessary communication even within the same segment.

**・Advanced L7 Filtering:** Advanced filtering is possible not only based on MAC/IP addresses and port numbers but also on application types (App-ID) and domain names.

**・IDS/IPS (Intrusion Detection/Prevention System):** Utilizing tens of thousands of signatures, it can detect attacks targeting known vulnerabilities and unauthorized communication, and block such communications.

**・Flexible Configuration Management:** Policy management per group is possible through grouping using virtual machine names, OS types, and tags.

**・Log Storage and Visualization *2:** Communication logs can be collected, visualized via dashboards, and alerts can be sent via email (in conjunction with the "VMware Aria Operations for Logs" product *3).

*1: A contract for 3 or more nodes (ESX hosts) is required. *2: A separate optional menu "VMware Micro-segmentation (Log Management)" application is required. *3: This is a Broadcom log management product that collects and visualizes log data output from vDefend Firewall, etc.

<Provisioning Image>

**3. Service Start Date** March 31, 2026 (Tuesday)

**4. SCP Type-S Support Site** Service specifications, price lists, and other details can be found on the following site. SmartConnect Cloud Platform: https://cloud.nttsmc.com/doc/scp/

**5. Related Announcements** Announcement regarding Broadcom's continued certification as a VCSP Partner https://www.nttsmc.com/info/2025/20251212.html

We will continue to strive for further improvement in customer service. We kindly ask for your continued patronage of our services.

**[Customer Inquiries Regarding This Matter]** NTT SmartConnect Corporation Cloud Business Department: Ito, Koshio, Kimura E-mail: cloud_info@nttsmc.com Inquiry Form: https://inquire.nttsmc.com/default/scp