Create Service Definitions
- Panorama > VMware NSX > Service Definitions
A service definition allows you to register the VM-Series firewall as a partner security service on the NSX Manager. You can define up to 32 service definitions on Panorama and synchronize them on the NSX Manager.
Typically, you will create one service definition for each tenant in an ESXi cluster. Each service definition specifies the OVF (PAN-OS version) used to deploy the firewall and includes the configuration for the VM-Series firewalls installed on the ESXi cluster. To specify the configuration, a service definition must have a unique template, a unique device group and the license auth-codes for the firewalls that will be deployed using the service definition. When the firewall is deployed, it connects to Panorama and receives both its configuration settings—including the zone(s) for each tenant or department that the firewall will secure—and its policy settings from the device group specified in the service definition.
To add a new service definition, configure the settings as described in the following table.
Enter the name for the service you want to display on the NSX Manager.
(Optional) Enter a label to describe the purpose or function of this service definition.
Select the device group or device group hierarchy to which these VM-Series firewalls will be assigned. For details, see Panorama > VMware NSX.
Select the template to which the VM-Series firewalls will be assigned. For details, see Panorama > Templates.
Each service definition must be assigned to a unique template or template stack.
A template can have multiple zones (NSX Service Profile Zones for NSX) associated with it. For a single-tenant deployment, create one zone (NSX Service Profile Zone) in the template. If you have a multi-tenant deployment, create a zone for each sub-tenant.
When you create a new NSX Service Profile Zone, it is automatically attached to a pair of virtual wire subinterfaces. For more information, see Network > Zones.
VM-Series OVF URL
Enter the URL (IP address or host name and path) where the NSX Manager can access the OVF file to provision new VM-Series firewalls.
Select a notify group from the drop-down.
Create the Service Definitions on Panorama
Create the Service Definitions on Panorama A service definition specifies the configuration for the VM-Series firewalls installed on each host in an ESXi cluster. The ...
Plan Your Multi-NSX Deployment
Plan Your Multi-NSX Deployment You must carefully plan your device group hierarchy and template stacks and consider how they interact with the other components needed ...
What is Multi-Tenant Support on the VM-Series Firewall for NSX?
What is Multi-Tenant Support on the VM-Series Firewall for NSX? Multi-tenancy on the VM-Series firewall enables you to secure more than one tenant or more ...
Deploy the VM-Series Firewall in a Multi-NSX Manager Environment
Deploy the VM-Series Firewall in a Multi-NSX Manager Environment Whether you are deploying a single NSX Manager or a multi-NSX Manager environment, set up the ...
Register the VM-Series Firewall as a Service on the NSX Manager
Register the VM-Series Firewall as a Service on the NSX Manager You need to enable communication between Panorama and the NSX Manager and then register ...
Use Case: Shared Security Policies on Dedicated Compute Infrastructure
Use Case: Shared Security Policies on Dedicated Compute Infrastructure If you are a Managed Service Provider who needs to secure a large enterprise ( tenant ...
VM-Series Firewall for NSX Deployment Checklist
VM-Series Firewall for NSX Deployment Checklist To deploy the VM-Series firewall for NSX, use the following workflow: Step 1: Set up the Components —To deploy ...
Configure Access to the NSX Manager
Configure Access to the NSX Manager Panorama > VMware NSX > Service Managers To enable Panorama to communicate with the NSX Manager, Add and configure ...
How Do the Components in the VM-Series Firewall for NSX Solution Work Together?
How Do the Components in the VM-Series Firewall for NSX Solution Work Together? To meet the security challenges in the software-defined data center, the NSX ...