Logical firewalls are of two types: distributed firewall and Edge firewall. A distributed firewall is ideally deployed to protect any east-west traffic, while an Edge firewall protects any north-south traffic.
Server-to-server traffic is considered east-west, while client-server traffic is known as north-south.
The firewall rules UI allows you to add sections to separate firewall rules. Both L2 and L3 rules can have multiple sections that can be managed accordingly. For cross-vCenter environments, you must create a universal section before you can add the universal rules, and you must manage the universal rules from the primary NSX manager.
To add a firewall rule, follow these steps:
- Go to Networking & Security|
- Ensure that you have selected the NSX Manager where you want to configure the rules. In a cross-vCenter environment, select the primary NSX manager to add universal firewall rules:
General tab allows you to add L3 rules, while the