Product offerings for VMware NSX for vSphere 6.2.x, 6.3.x and 6.4.x
search cancel

Product offerings for VMware NSX for vSphere 6.2.x, 6.3.x and 6.4.x


Article ID: 341853


Updated On:


VMware HCX VMware NSX Networking


This article provides information on:
  • Licensing editions of VMware NSX for vSphere 6.x and list of features associated with the various licensing editions in VMware NSX for vSphere 6.2.x, 6.3.x and 6.4.x.
  • Licensing editions of VMware NSX Data Center for vSphere 6.4.1+ and list of features associated with the various licensing editions in VMware NSX Data Center for vSphere 6.4.1+.


VMware NSX for vSphere 6.4.x
VMware NSX for vSphere 6.2.x
VMware NSX for vSphere 6.3.x




NSX for vSphere 6.2.x, 6.3.x, 6.4.x

VMware NSX has been available as a platform with multiple license tiers since May 3, 2016. The tiers of NSX licenses are as follows:
  • NSX Standard Edition – For organizations needing agility and automation of the network.
  • NSX Advanced Edition – For organizations needing Standard, plus a fundamentally more secure data center with micro-segmentation.
  • NSX Enterprise Edition – For organizations needing Advanced, plus networking and security across multiple domains.
The following table outlines specific functions available by edition. NSX is available as a single download image with license keys required to enable specific functionality.

Note: NSX Standard, Advanced, and Enterprise license keys are effective starting from NSX 6.2.2 onwards.

NSX Data Center for vSphere 6.4.1+

VMware NSX Data Center is available as a platform with multiple license tiers effective June 5, 2018. The tiers of NSX licenses are as follows:
  • NSX Data Center Standard: For organizations that need agility and automation of the network.
  • NSX Data Center Professional: For organizations that need Standard, plus micro-segmentation. They may have public cloud endpoints.
  • NSX Data Center Advanced: For organizations that need Professional, plus advanced networking and security services and integration with a broad ecosystem. They may have multiple sites.
  • NSX Data Center Enterprise Plus: For organizations that need the most advanced capabilities of NSX Data Center, plus vRealize Network Insight for network visibility and security operations, and VMware HCX for hybrid cloud mobility.
  • NSX Data Center for Remote Office Branch Office: For organizations that need to virtualize networking and security for applications in the remote office or branch office.
The following table outlines specific functions available by edition. NSX Data Center for vSphere is available as a single download image with license keys required to enable specific functionality.

Note: NSX Data Center Standard, Professional, Advanced, Enterprise Plus, and Remote Office Branch Office license keys are effective starting from NSX 6.4.1 onwards.
 NSX for vSphere 6.2.x, 6.3.x and 6.4.x**NSX for vSphere 6.4.1+
FeatureStandardAdvancedEnterpriseNSX Data Center StandardNSX Data Center ProfessionalNSX Data Center AdvancedNSX Data Center Enterprise PlusNSX Data Center for Remote Office Branch Office
Hypervisors Supported        
Cross vCenter Networking & SecurityNoNoYesNoNoYesYesYes
Controller Architecture        
NSX ControllerYesYesYesYesYesYesYesYes
Universal Controller for X-VCNoNoYesNoNoYesYesYes
Optimized ARP Learning, BCAST suppressionYesYesYesYesYesYesYesNo
Encapsulation Format        
Replication Mode for VXLAN        
Overlay to VLAN bridging        
SW Bridge (ESXi-based)YesYesYesYesYesYesYesNo
Hardware VTEP (OVSDB) with L2 BridgingNoNoYesNoNoYesYesNo
Universal Distributed Logical Switching (X-VC)NoNoYesNoNoYesYesYes
Multiple VTEP SupportYesYesYesYesYesYesYesNo
Distributed Routing (IPv4 Only)        
Distributed Routing - StaticYesYesYesYesYesYesYesNo
Distributed Routing - Dynamic Routing with BGPYesYesYesYesYesYesYesNo
Distributed Routing - Dynamic Routing with OSPFYesYesYesYesYesYesYesNo
Equal Cost Multi-Pathing with Distributed RoutingYesYesYesYesYesYesYesNo
Universal Distributed Logical Router (X-VC)NoNoYesNoNoYesYesYes
Dynamic Routing without Control VM (Static Only)YesYesYesYesYesYesYesNo
Active-standby Router Control VMYesYesYesYesYesYesYesNo
Edge Routing (N-S)        
Edge Routing Static - IPv4YesYesYesYesYesYesYesYes
Edge Routing Static - IPv6YesYesYesYesYesYesYesYes
Dynamic Routing with NSX Edge (BGP) IPv4YesYesYesYesYesYesYesYes
Dynamic Routing with NSX Edge (OSPFv2) IPv4YesYesYesYesYesYesYesYes
Equal Cost Multi-Pathing with NSX EdgeYesYesYesYesYesYesYesYes
Egress Routing Optimization in X-VCNoNoYesNoNoYesYesNo
DHCP RelayYesYesYesYesYesYesYesYes
Active-Standby NSX Edge RoutingYesYesYesYesYesYesYesYes
VLAN Trunk (sub-interface) supportYesYesYesYesYesYesYesYes
VXLAN Trunk (sub-interface) supportYesYesYesYesYesYesYesNo
Per Interface RPF check on NSX EdgeYesYesYesYesYesYesYesYes
NAT Support for NSX Edge        
NAT Support for NSX EdgeYesYesYesYesYesYesYesYes
Source NATYesYesYesYesYesYesYesYes
Destination NATYesYesYesYesYesYesYesYes
Stateless NAT        
ALG Support for NATYesYesYesYesYesYesYesYes
DHCP ServerYesYesYesYesYesYesYesYes
DHCP RelayYesYesYesYesYesYesYesYes
DNS RelayYesYesYesYesYesYesYesYes
L2 VPN (L2 extension with SSL VPN)NoNoYesNoYesYesYesNo
802.1Q Trunks over L2 VPNNoNoYesNoYesYesYesNo
GRE TunnelsNoYesYesNoYesYesYesYes
Firewall - General        
Single UI for Firewall Rule Enforcement - NS+ EWNoYesYesNoYesYesYesYes
Firewall LoggingYesYesYesYesYesYesYesYes
Rule ExportNoYesYesNoYesYesYesYes
Auto-save & Rollback of Firewall rulesNoYesYesNoYesYesYesYes
Granular Sections of Firewall rule tableNoYesYesNoYesYesYesYes
Distributed Firewall        
DFW - L2, L3 RulesNoYesYesNoYesYesYesYes
DFW - vCenter Object Based RulesNoYesYesNoYesYesYesYes
Identity Firewall Rules for VDI (AD Integration)NoYesYesNoNoYesYesYes
IPFix Support for DFWNoYesYesNoYesYesYesYes
Context-based control of FW enforcement (applied to objects)NoYesYesNoYesYesYesYes
Application and Protocol Identification (Context-Aware Micro-Segmentation)NoNoYesNoNoNoYesNo
Identity Firewall Rules for RDSH (Context-Aware Micro-Segmentation)NoNoYesNoNoNoYesNo
Edge Firewall        
Edge FirewallYesYesYesYesYesYesYesYes
Edge High-AvailabilityYesYesYesYesYesYesYesYes
Service Composer        
Security PolicyYesYesYesYesYesYesYesYes
Security TagsYesYesYesYesYesYesYesYes
vCenter Object based security groupsYesYesYesYesYesYesYesYes
IPSet, MACset based security groupsYesYesYesYesYesYesYesYes
Data Security        
Scan Guest VMs for Sensitive DataNoYesYesn/an/an/an/an/a
Third Party Integration        
Endpoint Service Insertion - Guest IntrospectionYesYesYesYesYesYesYesYes
Network Service InsertionNoYesYesNoNoYesYesYes
Public API based IntegrationYesYesYesYesYesYesYesYes
Edge Load-Balancing        
TCP (L4 - L7)NoYesYesNoNoYesYesYes
HTTPS (Pass-through)NoYesYesNoNoYesYesYes
HTTPS (SSL Termination)NoYesYesNoNoYesYesYes
LB MethodsNoYesYesNoNoYesYesYes
Round RobinNoYesYesNoNoYesYesYes
Src IP HashNoYesYesNoNoYesYesYes
Least ConnectionNoYesYesNoNoYesYesYes
URI, URL, HTTP (L7 engine)NoYesYesNoNoYesYesYes
vCenter Context-aware LBNoYesYesNoNoYesYesYes
L7 Application RulesNoYesYesNoNoYesYesYes
Health Checks        
Connection ThrottlingNoYesYesNoNoYesYesYes
View VIP/Pool/Server ObjectsNoYesYesNoNoYesYesYes
View VIP/Pool/Server StatsNoYesYesNoNoYesYesYes
Global Stats VIP SessionsNoYesYesNoNoYesYesYes
Tunnel Health MonitoringYesYesYesYesYesYesYesYes
Port-Connections ToolYesYesYesYesYesYesYesYes
Server Activity MonitoringNoYesYesn/an/an/an/an/a
Flow MonitoringNoYesYesNoYesYesYesYes
IPFix (VDS Feature)YesYesYesYesYesYesYesYes
Endpoint MonitoringNoNoYesNoNoNoYesNo
Application Rule ManagerNoYesYesNoNoYesYesYes
VMware Tools        
vR Operations ManagerYesYesYesYesYesYesYesYes
vR Log InsightYesYesYesYesYesYesYesYes
Cloud Management Platform        
vRealize Automation        
Logical Switch CreationYesYesYesYesYesYesYesYes
Distributed router creationYesYesYesYesYesYesYesNo
Distributed firewall security consumptionNoYesYesNoYesYesYesYes
Load-balancing consumptionNoYesYesNoNoYesYesYes
App IsolationNoYesYesNoYesYesYesYes
VMware Integrated OpenStack (Neutron Plugin)        
VLAN Provider NetworksYesYesYesYesYesYesYesNo
Overlay Provider NetworksYesYesYesYesYesYesYesNo
Overlay Tenant NetworksYesYesYesYesYesYesYesNo
Metadata Proxy ServiceYesYesYesYesYesYesYesNo
DHCP ServerYesYesYesYesYesYesYesNo
Neutron Router - Centralized - SharedYesYesYesYesYesYesYesNo
Neutron Router - Centralized - ExclusiveYesYesYesYesYesYesYesNo
Neutron Router - DistributedYesYesYesYesYesYesYesNo
Static Routes on Neutron RouterYesYesYesYesYesYesYesNo
Floating IP SupportYesYesYesYesYesYesYesNo
No-NAT Neutron RoutersYesYesYesYesYesYesYesNo
Neutron Security Groups using Stateful FirewallNoYesYesNoYesYesYesNo
Port SecurityYesYesYesYesYesYesYesNo
Neutron L2 GatewayYesYesYesYesYesYesYesNo
Load Balancing (LBaaS)NoYesYesNoYesYesYesNo
Admin Utility (Consistency Check, Cleanup)YesYesYesYesYesYesYesNo
Cross VC Logical Networking and SecurityNoNoNoNoNoNoNoNo
vRealize Network Insight        
Traffic (IPFIX) Visibility and Network MonitoringNoNoNoNoNoNoYesNo
Firewall Planning & ManagementNoNoNoNoNoNoYesNo
NSX Operations and TroubleshootingNoNoNoNoNoNoYesNo
VMware HCX        
Large Scale Workload MigrationNoNoNoNoNoNoYesNo
WAN Optimization for Workload MigrationNoNoNoNoNoNoYesNo
Traffic and Load Management Across Multiple LinksNoNoNoNoNoNoYesNo
* For more information on specific version support and other details, see the VMware Product Interoperability Matrices.
** Distributed Firewall with L7 added in NSX for vSphere 6.4.x.
    Additional License Notes

    NSX for vShield Endpoint

    vShield Endpoint is a feature which allows you to offload antivirus and anti-malware agent processing to a dedicated secure virtual appliance. With the release of NSX 6.2.4, the default license is NSX for vShield Endpoint, allowing you to manage your vShield Endpoint environment with NSX. Customers who purchased vSphere with vShield Endpoint (Essential Plus and later) will be able to download NSX. This means that NSX will appear on the vSphere download site like vCNS. To ensure customers do not use any other unlicensed NSX features (eg. VXLAN, DFW, Edge services), the license key will have hard enforcement to prevent NSX host preparation and block Edge creation.

    Log Insight for NSX

    VMware vRealize Log Insight for NSX provides intelligent log analytics for NSX. Log Insight provides monitoring and troubleshooting capabilities and customizable dashboards for network virtualization, flow analysis, and alerts. The 3.3.2 version of Log Insight accepts NSX Standard/Advanced/Enterprise edition license keys issued for NSX 6.2.2 and later. The 4.6.1 version of Log Insight introduces support for NSX Data Center editions (Standard, Professional, Advanced, Enterprise Plus, Remote Office Branch Office).

    Additional Information

    VMware NSX for vSphere 6.2.x および 6.3.x の製品提供
    针对 VMware NSX for vSphere 6.2.x 和 6.3.x 的产品服务