NAPP Intelligence Recommendation Shows Source/Destination as ‘ANY’ for Rules with Service Type ‘ANY’
search cancel

NAPP Intelligence Recommendation Shows Source/Destination as ‘ANY’ for Rules with Service Type ‘ANY’

book

Article ID: 425156

calendar_today

Updated On:

Products

VMware vDefend Firewall VMware vDefend Firewall with Advanced Threat Prevention VMware vDefend Network Detection and Response

Issue/Introduction

When executing NSX Intelligence recommendations within NAPP, please be advised that firewall rules configured with the service type set to "ANY" may cause issues with the output.

Specifically, this configuration can result in recommended rules where the source and/or destination are identified as "ANY" rather than specific groups.

Environment

NAPP 4.x

Cause

- The engine is currently unable to distinguish between initiator and responder workloads. Consequently, it cannot definitively assign workloads to specific source or destination groups.
 
- As flow direction is not currently factored into the analysis, the system defaults to "ANY" for the source and destination. This is the expected behavior under these parameters.
 

Resolution

To generate more granular recommendations, toggle  to activate 'Flow Direction-Aware Rules'


Powered by Wolken Software