As explained in the introduction, the NSX DFW offers service insertion with third-party partner network and security services, which can be network introspection services or Guest Introspection services. In this recipe, we will deploy third-party network and security services for NSX. Once services are deployed, the network or guest introspection rules can be created through the Service Composer covered in earlier recipes.
Make sure you have Security Administrator or Enterprise Administrator access to NSX. To deploy partner services, the following prerequisites need to be satisfied:
- A third-party management component must be deployed. Check the vendor's documentation.
- Third-party service VM OVA must be downloaded or prepared.
- vSphere cluster must be prepared for NSX. Network or Guest Introspection services are deployed on a vSphere cluster basis.
- Data stores, PortGroups, and IP addresses should be allocated for the partner service...