To enforce security policies in a VM-Series and NSX integrated data center, Panorama must be able to obtain information on the changes in the virtual landscape. As new virtual machines are deployed, changed, or deleted, the NSX Manager informs Panorama of IP addresses added, removed from security groups on the NSX Manager. Panorama in turn then, pushes this information to the VM-Series firewalls. Dynamic address groups referenced in firewall policies match against this information to determine the members that belong to the group. This process allows the firewall to enforce context-aware security policy, which secures traffic to and from these virtual machines. For details on dynamic address groups, see
Policy Enforcement using Dynamic Address Groups .

|
|
|
![]() |
|
![]()
admin@Panorama>
</update> </vmware-service-manager> </partner> </request> </operations></request>
|
|
|
|
|
|
|