The NSX-IPFIX integration enables the visibility of the blocked and protected flows in the system.
The basic filters in the
Security Planning page are as follows:
- All allowed flows: To see all the flows where firewall rules are set as Allowed, select this option. The All allowed flows option is the default option.
- Dropped flows: This option helps to detect the dropped flows and planning the security in a better way.
- Protected allowed flows: This option helps to detect all the flows which have a rule other than of the type
any(source)
any(dest)
any(service)
allow
associated with it. Such flows are known as protected flows. - All unprotected flows: This option helps to detect all the flows that have the default rules of the type
any(source)
any(dest)
any(service)
allow
. Such flows are known as unprotected flows.
The firewall rules are visible only for the allowed and unprotected flows.
For example, if you are in the planning phase and you want to see the allowed flows in the system, perform the following steps:
- On the Micro-Segmentation Planning page, for a particular group, select All Allowed Flows from the drop-down menu.
- Click the dropped flows in the topology diagram to see the corresponding recommended firewall rules.
- Implement those firewall rules by exporting them into the NSX manager.