NSX Distributed Firewall Inactive Rules
VMware Aria Operations for Networks provides visibility into the NSX distributed firewall rules for which there have been no flows for some time. These rules are known as inactive rules. Such rules consume heap memory and can cause security issues. To monitor these inactive rules, VMware Aria Operations for Networks provides the following two widgets in the Security dashboard:
To view the Security dashboard, enter Security in the search bar.
- Unused NSX Firewall Rule: This widget lists all the NSX firewall rules for which no flow is reported in the given time. You can also use the following search query to retrieve these rules:
    nsx firewall rule where flow is not set
Ensure that you have enabled NSX Distributed Firewall IPFIX for the specified time.