Set Up Security Groups on the NSX-V Manager

A security group is a logical container that assembles guests across multiple ESXi hosts in the cluster. Creating security groups makes it easier to manage and secure the guests; to understand how security groups enable policy enforcement, see Policy Enforcement using Dynamic Address Groups.
  1. Log in to the vSphere user interface.
  2. Select
    Networking and Security
    Service Composer
    Security Groups
    , and add a
    New Security Group
    .
  3. Add a
    Name
    and
    Description
    . This name will display in the match criteria list when defining dynamic address groups on Panorama.
  4. Select the guests that constitute the security group. You can either add members dynamically or statically. You can
    Define Dynamic Membership
    by matching on security tags (recommended), or statically
    Select the Objects to Include
    . In the following screenshot, the guests that belong to the security group are selected using the
    Objects Type: Virtual Machine
    option.
    nsx_pan-firewall_service_group_servers.png
  5. Review the details and click
    OK
    to create the security group.

Related Documentation