How to Enable Distributed IDS/IPS in AVS, GCVE, and OCVS in NSX-T 3.2.x
Article ID: 336796
Products
VMware NSX
Issue/Introduction
This article provides steps to enable VMware NSX Distributed IDS/IPS in AVS, GCVE, and OCVS in 3.2.x releases.
Environment
VMware NSX-T Data Center 3.x
VMware NSX-T Data Center
Resolution
License Key Needed
An appropriate “License Key” (i.e., NSX Firewall with Threat Prevention) is required to enable the Distributed IDS/IPS feature in AVS, GCVE, and OCVS.

Adding Distributed IDS/IPS License Key
Admin privilege is required to add a license key from the NSX Manager. Follow these steps to add the license key.

Enabling Distributed IDS/IPS
Once VMware NSX detects an appropriate license, the IDS/IPS Start Setup and Skip Setup buttons are displayed on NSX Manager. This link outlines configuration details.

Supported Features
The following table outlines the features supported in AVS, GCVE, and OCVS as part of VMware NSX Distributed IDS/IPS enablement.

| Category | Feature | Supported in AVS, GCVE and OCVS |
|---|---|---|
| Distributed Firewall | Advanced L7 Application Identification Rules | Y |
| Gateway Security | Advanced L7 Application Identification Rules | N |
| Gateway Security | URL Filtering | N |
| Identity Firewall | Gateway Identity Firewall using Active Directory Event Server | N |
| Identity Firewall | Gateway Identity Firewall using third-party log sources | N |
| NSX Distributed Threat Prevention | Distributed Intrusion Detection Service (IDS) | Y |
| NSX Distributed Threat Prevention | Distributed Behavioral IDS | Y |
| NSX Distributed Threat Prevention | Distributed Intrusion Prevention Service (IPS) | Y |
| NSX Gateway Threat Prevention | Gateway TLS Decryption | N |
| NSX Gateway Threat Prevention | Gateway Intrusion Detection Service (IDS) - Behavioral | N |
| NSX Gateway Threat Prevention | Gateway Intrusion Prevention Service (IPS) | N |

Caveats
The NSX Firewall with Threat Prevention “License Key” enables additional features besides Distributed IDS/IPS; these additional features are “Tech Preview” in AVS, GCVE, and OCVS. Tech Preview features are not intended for production and hence are not supported by VMware. Only the features listed as supported in the table above are supported in AVS, GCVE, and OCVS as part of VMware NSX Distributed IDS/IPS enablement.