So let's say you decided to get going with the NSX Distributed Firewall, now what?! When is a firewall rule receiving hits, and which VM is communicating with which VM or physical host … and on what port?! Will you ever get rid of the ANY-ANY-ALLOW rule at the end of the rule base?! Ideally we would install an instance of VMware vRNI (Network Insight) and get insight into all the traffic flows in the datacenter. But you need deep pockets, and you still wouldn't know when data traffic is “hitting” a certain firewall rule. So for the people and companies with shallower pockets, please note the following: VMware has been so generous as to throw in a free license for vRealize Log Insight when you obtain(ed) an NSX license, so let's put it to use!
Please note the scaling of Log Insight:
After you have Log Insight going, you can enable logging for certain firewall rules and give each one a log tag so you can recognise the traffic in Log Insight.
Then check Log Insight using this tag as a search query:
Oh YES! So what if you could do this for all traffic passing through your NSX environment?! Maybe this can help you get started logging all traffic to VMware Log Insight:
The PowerNSX script (PowerShell) deploys logging rules and tags, which will show up in Log Insight. Doing this for ALL VLANs on your DVS makes ALL traffic traceable and countable. Now you know which VM is communicating on which ports and how often. Awesome, isn't it?
My script creates ALLOW rules for each VLAN on the DVS, as shown in the screen recording video:
SECTION VLAN – IP SEGMENT:
VLAN – VLAN
RFC 1918 – VLAN
VLAN – RFC 1918
VLAN – PUBLIC IP RANGES
PUBLIC IP RANGES – VLAN
ANY – ANY
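The counting that these tagged rules make possible, as an added example that is not part of the original post or its PowerNSX script: it tallies hits per log tag and lists the flows still landing on the catch-all rule. The log lines are constructed, their `dfwpktlogs` layout is an assumption, and the tag names are hypothetical.

```python
from collections import Counter

# Constructed sample events. Layout is an assumption modelled on NSX-v dfwpktlogs:
# ... dfwpktlogs: <id> INET match <ACTION> <domain>/<rule-id> <DIR> <len> <PROTO>
#     <src>[/<sport>]-><dst>[/<dport>] [<tcp-flags>] <rule tag>
SAMPLE = """\
2019-03-21T00:30:01.100Z esx01 dfwpktlogs: 41021 INET match PASS domain-c7/1010 IN 60 TCP 10.10.20.11/51544->10.10.20.12/443 S VLAN20-VLAN20
2019-03-21T00:30:02.200Z esx01 dfwpktlogs: 41021 INET match PASS domain-c7/1010 IN 60 TCP 10.10.20.11/51560->10.10.20.12/443 S VLAN20-VLAN20
2019-03-21T00:30:03.300Z esx02 dfwpktlogs: 52077 INET match PASS domain-c7/1011 IN 60 TCP 192.168.5.9/40112->10.10.20.12/22 S RFC1918-VLAN20
2019-03-21T00:30:04.400Z esx02 dfwpktlogs: 52077 INET match PASS domain-c7/1001 OUT 84 ICMP 10.10.30.5->10.10.40.7 ANY-ANY
2019-03-21T00:30:05.500Z esx02 dfwpktlogs: 52077 INET match PASS domain-c7/1001 OUT 76 UDP 10.10.30.5/50123->10.10.40.8/123 ANY-ANY
2019-03-21T00:30:06.600Z esx02 dfwpktlogs: 52077 INET match PASS domain-c7/1001 OUT 76 UDP 10.10.30.5/50999->10.10.40.8/123 ANY-ANY
2019-03-21T00:30:07.000Z esx02 vmkernel: unrelated line that must be skipped
""".splitlines()


def parse(line):
    """Return a dict for one DFW packet-log line, or None if it is not one."""
    _, sep, body = line.partition("dfwpktlogs: ")
    f = body.split()
    if not sep or len(f) < 9 or f[2] != "match" or "->" not in f[8]:
        return None
    proto = f[7]
    tag_at = 10 if proto == "TCP" else 9  # assumed: TCP lines carry a flags field first
    src, dst = f[8].split("->", 1)
    dst_ip, _, dport = dst.partition("/")
    return {"action": f[3], "rule": f[4].rsplit("/", 1)[-1], "proto": proto,
            "src": src.split("/")[0], "dst": dst_ip, "dport": dport or "-",
            "tag": " ".join(f[tag_at:]) or "(untagged)"}


def hits_per_tag(lines):
    """How often each tagged rule was hit."""
    return Counter(e["tag"] for e in map(parse, lines) if e)


def flows_for_tag(lines, tag):
    """Distinct (src, dst, proto, dport) flows behind one tag, with counts."""
    return Counter((e["src"], e["dst"], e["proto"], e["dport"])
                   for e in map(parse, lines) if e and e["tag"] == tag)


if __name__ == "__main__":
    print(hits_per_tag(SAMPLE).most_common())
    # Flows still landing on the catch-all are the candidates for explicit rules.
    for flow, n in flows_for_tag(SAMPLE, "ANY-ANY").most_common():
        print(n, *flow)
```

Flows that keep showing up under the catch-all tag are the ones to cover with explicit rules before the ANY-ANY-ALLOW rule can be removed.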
Then, finally TOTAL INSIGHT:
Bill
21 March 2019 — 00:30
Wow, this article is nice!
Edgardo
7 April 2019 — 01:07
Thanks for publishing this awesome article. I’m a long time reader but I’ve never been compelled to leave a comment.
I subscribed to your blog and shared this on my Facebook. Thanks again for a great article!
Kurt
15 May 2019 — 14:11
I want to thank you for this excellent read!!
I absolutely loved every little bit of it. I have you bookmarked
to check out new things you post!
indiaallan
23 June 2019 — 01:52
Very good article! We are linking to this great post on our website.
Keep up the great writing.
web hosting sites
8 August 2020 — 00:34
Excellent web site you have got here.. It’s hard to find excellent writing
like yours nowadays. I seriously appreciate people like you!
Take care!!
adreamoftrains web hosting services
9 August 2020 — 02:16
It’s actually a great and useful piece of info. I am satisfied that you simply shared this useful information with us.
Please keep us up to date like this. Thank you for sharing.
adreamoftrains web hosting companies
maribeth bodden
4 December 2020 — 03:09
Hello! I could have sworn I’ve been to this blog before but after browsing through some of the posts I realized it’s new to me. Anyways, I’m definitely happy I found it and I’ll be book-marking and checking back frequently!