A fundamental security requirement is to isolate network traffic. On VxRail, vSphere's virtual networking capabilities provide flexible connectivity and isolation. VxRail VMs communicate with each other using the VMware vSphere Virtual Distributed Switch (VDS), which functions as a single, logical switch that spans multiple nodes in the same cluster. VDS uses standard network protocols and VLAN implementations, and it forwards frames at the data-link layer.

VDS is configured in vCenter Server at the datacenter level, maintaining a secure and consistent network configuration as VMs migrate across multiple hosts. VxRail relies on VDS for internal networking traffic, and vSAN relies on VDS for its network access.

Additionally, VxRail can be configured with NSX to provide software-defined network security and finer level access control using micro-segmentation.