ON THIS PAGE
About the NSX Managers Page
To access this page, click Security Director > Devices > NSX Managers.
Use the NSX Managers page to discover the NSX Manager and perform service registration of the vSRX VM with the NSX Manager. The NSX Manager is added as a device in the Security Director and its inventory is synchronized with Security Director.
When you add an NSX Manager in Security Director, the NSX Management RESTful API configures Policy Enforcer as a system log server in NSX Manager. The system log server handler runs in the Policy Enforcer virtual machine. On receiving the security group membership changes from system log, the system log service handler parses the system log and extracts the changed security group details. The security policies with rules having the modified security groups (dynamic address groups) as source or destination addresses are filtered and the perimeter firewall devices assigned to those policies are obtained. A remote procedure call (RPC) is sent to those perimeter firewall devices to update the dynamic address groups. The perimeter firewall devices then obtains and update the IP address feeds from Policy Enforcer.
Before you Begin
Install the Policy Enforcer Release OVA image.
After the installation is complete, log in to the Policy Enforcer VM through SSH. Run the service commands to verify the status of the following services:
service nsxmicro status service sd_event_listener status service nsx_callback_listener status service ssh_listener status
If services are stopped, initiate the services again by running the following commands:
service nsxmicro start service sd_event_listener start service nsx_callback_listener start service ssh_listener start
Select Security Director > Administration > Policy Enforcer > Settings, and add Policy Enforcer to Security Director. For more information, see Identifying the Policy Enforcer Virtual Machine In Security Director.
Download the SSH Key. Copy the vSRX OVA file to the Policy Enforcer VM along with the downloaded SSH key. See Download the SSH Key File.
Obtain the vSRX license key before adding the NSX Manager to the Security Director.
Tasks You Can Perform
You can perform the following tasks from this page:
Download the SSH Key. See Download the SSH Key File.
Add the NSX Manager. See Adding the NSX Manager.
Register security services. See Registering Security Services.
Synchronize the NSX inventory.
Field Descriptions
Table 1 provides guidelines on using the fields on the NSX Managers page.
Field |
Description |
---|---|
Hostname/IP Address |
Specifies the hostname or the IPv4 address of the NSX Manager. |
Name |
Specifies the name of the NSX Manager. |
Associated vCenter |
Specifies the hostname or the IP address of the vCenter associated with the NSX Manager that is automatically fetched by Security Director. |
Associated vCenter Status |
Specifies the connection status of an associated vCenter. |
Service Manager Registration Status |
Specifies the registration status of the security services. |
Services |
Specifies the service definition of a selected NSX Manager. Click View to view the service definition. |
Port |
Specifies the port number of the NSX Manager. |
Username |
Specifies the username of the NSX Manager. The user must have the administrator privileges to access the NSX Manager. |
Connection Status |
Specifies the connection status of the NSX Manager. |