A security group is a logical container that
assembles guests across multiple ESXi hosts in the cluster. Creating
security groups makes it easier to manage and secure the guests. The
VM-Series firewall can secure static VM membership, using IP Sets
that include subnets and ranges, and dynamic VM membership, using
tags. When using an IP Set as the membership criteriaTo understand
how security groups enable policy enforcement, see Policy
Enforcement using Dynamic Address Groups.
Log in to the vSphere user interface.
Networking and Security
and add a
New Security Group
This name will display in the match criteria list when defining
dynamic address groups on Panorama.
Select the guests that constitute the security group.
You can either add members dynamically or statically. You can
by matching on security tags (recommended),
or statically by adding IP Sets under
Select the Objects
. In the following screenshot, the guests
that belong to the security group are selected using the