Set Up Security Groups on the NSX-V Manager

A security group is a logical container that assembles guests across multiple ESXi hosts in the cluster. Creating security groups makes it easier to manage and secure the guests. The VM-Series firewall can secure static VM membership, using IP Sets that include subnets and ranges, and dynamic VM membership, using tags. When using an IP Set as the membership criteriaTo understand how security groups enable policy enforcement, see Policy Enforcement using Dynamic Address Groups.
  1. Log in to the vSphere user interface.
  2. Select
    Networking and Security
    Service Composer
    Security Groups
    , and add a
    New Security Group
  3. Add a
    . This name will display in the match criteria list when defining dynamic address groups on Panorama.
  4. Select the guests that constitute the security group. You can either add members dynamically or statically. You can
    Define Dynamic Membership
    by matching on security tags (recommended), or statically by adding IP Sets under
    Select the Objects to Include
    . In the following screenshot, the guests that belong to the security group are selected using the
    Objects Type: Virtual Machine
  5. Review the details and click
    to create the security group.

Recommended For You