VCAP6-NV Deploy - Objective 4.2 - Configure and Manage Service Composer
VMware NSX-V VCAP6-NV VCIX6-NV HOWTO
Published on 7 September 2017 by Christopher Lewis. Words: 452. Reading Time: 3 mins.
Skills and Abilities
Objective 4.2 - Configure and Manage Service Composer
- Create/configure Service Composer according to a deployment plan:
- Configure Security Groups
- Configure Security Policies
- Configure Activity Monitoring for a Security Policy
- Create/edit/delete Security Tags
- Create a Security Tag
- Edit a Security Tag
- Assign a Security Tag
- Detach a Security Tag
- Delete a Security Tag
- Configure Network Introspection
- Configure Guest Introspection
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
Objective Breakdown
Create/configure Service Composer according to a deployment plan:
Configure Security Groups
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Using your favourite web browser, navigate to the vCenter Server login page (https://vcenter.fqdn).
Enter appropriate User name and Password and click Login.
Click Networking and Security.
Click Service Composer.
Click Security Policies tab and then click New Security Group.
Enter a Name for the new Security Group and click Next.
Specify the membership requirements for the dynamic membership and click Next.
Select the Object Type (dropdown), move the objects to the Select Objects list and click Next.
Select the Object Type (dropdown), move the objects to the Select Objects list and click Next.
Click Finish.
Configure Security Policies
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Using your favourite web browser, navigate to the vCenter Server login page (https://vcenter.fqdn).
Enter appropriate User name and Password and click Login.
Click Networking and Security.
Click Service Composer.
Click Security Policies tab and then New Security Policy.
Enter the Name of the new Policy, (optionally) select the Inherit Security Policy check box and select a Parent Policy (dropdown), then click OK.
Note: We’re skipping guest introspection services as i haven’t configured anything.
Click Next.
Click Add(+).
Enter the Name for the new Firewall Rule and select an Action option (Allow, Reject or Block). (Optional) (Optional) At Source, click Change to choose an Object as the source. (Optional) At Destination, click Change to choose an Object as the destination. (Optional) At Service, click Change to choose the Service type (HTTPS,HTTP etc). At Status, select the Enabled option and (optional) click the Log option.
Click OK and add additional rules as required.
Click Next.
Click Next.
Click Finish.
Assigning the Security Policy to a Security Group
Right Click on the Security Policy.
Click Apply Policy.
Check the Security Group to apply the Security Policy too.
Click OK.
Configure Activity Monitoring for a Security Policy
Watch this space!
Create/Edit/Remove Security Tags
See HOWTO: Configure VMware NSX Security Tags
Configure Network Introspection
Watch this space!
Configure Guest Introspection
Watch this space!
Published on 7 September 2017 by Christopher Lewis. Words: 452. Reading Time: 3 mins.
- Operating a Private Cloud - Part 3: Creating a Pricing Card in VMware Aria Automation
- Operating a Private Cloud - Part 2: Creating a Pricing Card in VMware Aria Operations
- Operating a Private Cloud - Part 1: Understanding Pricing Cards in VMware Aria
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 5
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 4