EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

NZ

LAB NSX Micro-Segmentation

LAB NSX Micro-Segmentation

Posted on Jan 17, 2020 (0)

NSX Micro-Segmentation

Task:

Configure Micro segmentation policy such a way that, Finance department servers should not talk to HR department servers. 

Topology

 

Solution:

Click Home | Network & Security

  1. Click the Firewall
  2. Click the ADD SECTION icon in the top row of the Firewall Configuration rules

  1. Enter "Dclessons-New-Rule " to name the new section
  2. Click the Add button

Create a New Firewall Rule

Click the "Add Rule" on the Dclessons-New-Rule section

  1. Enter "Block HR to Finance " in the Rule Name field and hit enter on Keyboard
  2. Click the edit icon to edit the Source Object from Any

Create New Security group from the Object Type drop down menu

  1. Click New Security Group to define the HR App security group
  2. Enter "HR App" as the Name of the security group
  3. Click Next

Define Dynamic Membership : Select VM Name from the Criteria Details drop down menu

  1. Enter "hr" into the text field to set the criteria for VM name
  2. Click Finish

Verify the new HR App security group has been added to the Selected Objects

  1. Click SAVE
  2. Enter Destination Object : Click the Destination field to edit the Destination Object from Any
  3. Select Security Group from the Object Type drop down menu.
  4. Click New Security Group to define the Finance App security group.
  5. Enter "Finance App" as the Name of the security group
  6. Click Next
  7. Select VM Name from the Criteria Details drop down menu
  8. Enter "fin" into the text field to set the criteria for VM name
  9. Click Finish

Action cell of the Firewall rule, and click the Allow Field drop down to edit the action

  1. Select Block from the Action drop down menu.
  2. Click Save.


Add a New Firewall Rule

Click the three dots icon of the Block HR to Finance Traffic section

  1. Select "Add Rule Above"
  2. Enter "Block Finance to HR " in the Rule Name field and then hit enter on keyboard
  3. Click the Source Field and edit the Source Object

Select Security Group from the Object Type drop down menu

  1. Select the Finance App security group
  2. Click the Arrow icon to move the object to the Selected Objects list
  3. Click SAVE

Click the Destination Field to edit the Destination Object Select Security Group from the Object Type drop down menu

  1. Select the HR App security group
  2. Click the Arrow icon to move the object to the Selected Objects list
  3. Click SAVE
  4. Select Block from the Action drop down menu

Click Publish Changes to deploy the new firewall rules to the effected VMs and hosts.

Validate Finance Application is working

Click the tab  Finance Department URL from Crome

  1. Click the Refresh button
  2. Validate you are accessing the Financial Department Cost Centers Database.

Click the fin-web-01a.corp.local remote console session on the Taskbar.


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.