VMware Aria Operations for Networks 6.14

6.14 6.13 6.12 6.11 6.10
简体中文 Deutsch Español Français 日本語 한국어 繁體中文 English

Viewing Blocked and Protected Flows

The NSX-IPFIX integration enables the visibility of the blocked and protected flows in the system.
The basic filters in the
Security Planning
 page are as follows:
  • All allowed flows
    : To see all the flows where firewall rules are set as
    Allowed
    , select this option. The
    All allowed flows
     option is the default option.
  • Dropped flows
    : This option helps to detect the dropped flows and planning the security in a better way.
  • Protected allowed flows
    : This option helps to detect all the flows which have a rule other than of the type
    any(source)
    any(dest)
    any(service)
    allow
     associated with it. Such flows are known as protected flows.
  • All unprotected flows
    : This option helps to detect all the flows that have the default rules of the type
    any(source)
    any(dest)
    any(service)
    allow
    . Such flows are known as unprotected flows.
The firewall rules are visible only for the allowed and unprotected flows.
For example, if you are in the planning phase and you want to see the allowed flows in the system, perform the following steps:
  1. On the Micro-Segmentation Planning page, for a particular group, select
    All Allowed Flows
     from the drop-down menu.
  2. Click the dropped flows in the topology diagram to see the corresponding recommended firewall rules.
  3. Implement those firewall rules by exporting them into the NSX manager.
The user interface of the Micro-Segmentation Planning page where the All Allowed Flows option is selected from the Flow Type drop-down menu.

Content feedback and comments