Configuring and applying NSX Security Policies

NSX Security Policies are configured in the VMware vSphere Web Client console. The configured NSX Security Policies must be assigned for previously created NSX Security Groups.

You must configure the use of Kaspersky Security services in each NSX Security Policy:

To configure and apply an NSX security policy:

  1. In the VMware vSphere Web Client console, start the NSX Security Policy Wizard in the Networking & Security → Service Composer section on the Security Policies tab.
  2. If you want to protect virtual machines against file threats, at the Guest Introspection Services step of the Wizard, add the Kaspersky File Antimalware Protection service with a user-defined name and the default action (Apply).
  3. If you want to scan outbound traffic of virtual machines, at the Network Introspection Services step of the Wizard, add the Kaspersky Network Protection service and specify the following values for its settings:
    • User-defined name
    • Redirection of traffic to the network protection service (Kaspersky Network Protection) is enabled (Redirect to service setting)
    • SourcePolicy's Security Groups (selected by default)
    • Destination – Any (selected by default)
  4. If you want to scan inbound traffic of virtual machines, at the Network Introspection Services step of the Wizard, add the Kaspersky Network Protection service and specify the following values for its settings:
    • User-defined name
    • Redirection of traffic to the network protection service (Kaspersky Network Protection) is enabled (Redirect to service setting)
    • Source – Any
    • DestinationPolicy's Security Groups
  5. Finish the NSX Security Policy Wizard.
  6. In the list of NSX security policies on the Security Policies tab, apply the policy (Apply) to the NSX Security Group that includes the protected virtual machines.

For more details about configuring NSX security policies, please refer to the Knowledge Base.

Page top