Configuring Policy per vNIC to Secure Only Some of a VM’s vNICs

The Policy per vNIC feature includes an option that allows you to secure some of your vNICs and leave others unsecured. To use this option, you must enable Policy per vNIC. You use the Policy per vNIC pane on the Install Settings page to enable Policy per vNIC and to select the Enable opt-out of firewalling per vNIC option.

If you select the Enable opt-out of firewalling per vNIC option, the unit of configuration is the VM and port group. That is, vNICs cannot be secured individually if they belong to the same port group. This behavior protects against your having a secured and an unsecured connection to the same port group.

Note: When new interfaces are added to a VM that includes vNICs that are not secured, the new vNICs are automatically secured. If you want them not to be secured, you must manually unsecure them.

Related Documentation