Logical firewalls

Logical firewalls are of two types: distributed firewall and Edge firewall. A distributed firewall is ideally deployed to protect any east-west traffic, while an Edge firewall protects any north-south traffic.

Server-to-server traffic is considered east-west, while client-server traffic is known as north-south.

The firewall rules UI allows you to add sections to separate firewall rules. Both L2 and L3 rules can have multiple sections that can be managed accordingly. For cross-vCenter environments, you must create a universal section before you can add the universal rules, and you must manage the universal rules from the primary NSX manager.

To add a firewall rule, follow these steps:

  1. Go to Networking & Security | Firewall ...

Get Learning VMware NSX - Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.