NV technologies make it possible to employ virtual firewalls that can be attached to specific applications and segregate them based on risk. This is the concept of building a secure DMZ in the data center. The end result is that the virtual firewall is not only capable of examining every packet associated with a specific application, but keeping track of what specific firewall rules are associated with a particular application becomes much simpler.
When deployed in concert with an SDN platform, building a secure DMZ simplifies network security overall. Instead of having to depend on multiple routers and switches strewn across the enterprise, control over network functionality becomes concentrated in the SDN controller.
Read more at SDx Central