1. Home
    2. VM-Series
    3. VM-Series Deployment Guide
    4. Set Up the VM-Series Firewall on VMware NSX
    5. Set Up the VM-Series Firewall on VMware NSX-V
    6. Create Security Groups and Steering Rules
    7. Create Security Groups and Steering Rules in an Operations Centric Deployment
    8. Set Up Security Groups on the NSX-V Manager

    Set Up Security Groups on the NSX-V Manager

    A security group is a logical container that assembles guests across multiple ESXi hosts in the cluster. Creating security groups makes it easier to manage and secure the guests. The VM-Series firewall can secure static VM membership, using IP Sets that include subnets and ranges, and dynamic VM membership, using tags. When using an IP Set as the membership criteriaTo understand how security groups enable policy enforcement, see Policy Enforcement using Dynamic Address Groups.
    1. Log in to the vSphere user interface.
    2. Select
      Networking and Security
      Service Composer
      Security Groups
      , and add a
      New Security Group
      .
    3. Add a
      Name
       and
      Description
      . This name will display in the match criteria list when defining dynamic address groups on Panorama.
    4. Select the guests that constitute the security group. You can either add members dynamically or statically. You can
      Define Dynamic Membership
       by matching on security tags (recommended), or statically by adding IP Sets under
      Select the Objects to Include
      . In the following screenshot, the guests that belong to the security group are selected using the
      Objects Type: Virtual Machine
       option.
    5. Review the details and click
      OK
       to create the security group.

    Recommended For You

    Recommended Videos

    Recommended videos not found.