In the previous Creating DFW rules from the firewall menu recipe, we left the Applied To settings as the default settings (distributed firewall), which applied the DFW rules to all VM's vNICs regardless of VM's location. You may want to change the Applied To settings if you are in one of the following situations:
- In an environment where you have overlapping IP addresses; normally in multitenant or developer environments
- When using app isolation in NSX with vRealize Automation (vRA)
- In a brownfield environment where you want to onboard a specific workload or application
- In an environment where you want to reduce the scope of DFW rules; this will improve DFW efficiency, as the DFW will have fewer rules to evaluate
Make sure you have an existing DFW rule for which you want to have the Applied To field changed.