Book Image

VMware NSX Cookbook

By : Bayu Wibowo, Tony Sangha
Book Image

VMware NSX Cookbook

By: Bayu Wibowo, Tony Sangha

Overview of this book

This book begins with a brief introduction to VMware's NSX for vSphere Network Virtualization solutions and how to deploy and configure NSX components and features such as Logical Switching, Logical Routing, layer 2 bridging and the Edge Services Gateway. Moving on to security, the book shows you how to enable micro-segmentation through NSX Distributed Firewall and Identity Firewall and how to do service insertion via network and guest introspection. After covering all the feature configurations for single-site deployment, the focus then shifts to multi-site setups using Cross-vCenter NSX. Next, the book covers management, backing up and restoring, upgrading, and monitoring using built-in NSX features such as Flow Monitoring, Traceflow, Application Rule Manager, and Endpoint Monitoring. Towards the end, you will explore how to leverage VMware NSX REST API using various tools from Python to VMware vRealize Orchestrator.
Table of Contents (19 chapters)
Title Page
Packt Upsell
Foreword
Contributors
Preface
Index

Creating Security Policy Rules from the Firewall Table Menu


In this recipe, we will configure DFW rules using the NSX firewall table menu. The firewall table menu is a similar method to creating firewall rules as you would use in a traditional firewall, therefore is most commonly where users configure most of their firewall policy.

Getting ready

To configure the distributed firewall, the following prerequisites must be met:

  • Log in as a user with the security administrator or enterprise administrator role
  • Virtual machines that will be applied with the DFW rule must have the ESXi hosts prepared for NSX
  • DFW and VSFWD are enabled and running on ESXi hosts. This is covered in the Verifying NSX DFW components status recipe

How to do it...

In this recipe, we will cover how to create a firewall section and how to create a DFW rule.

Creating Firewall Sections

To organize DFW rules, you can create firewall sections, and in this example, we will create a firewall section for Application A:

  1. From the vSphere web...