The integration between Carbon Black Cloud Workload and NSX-T orchestrates network remediations using NSX-T Distributed Firewall (DFW) policies, and associated tags. After registering the Carbon Black Cloud Workload with the NSX Manager, you can use the newly created NSX policies to remediate VM workloads within the Carbon Black Cloud console, or remove already applied NSX policies tags from certain VM workloads.
Once the
Carbon Black Cloud generates an alert for a certain VM workload, you can trigger NSX remediation for that workload either from the
page, or from the
Alerts page. This procedure describes the flow within the
Alerts page.
Note:
Only one NSX tag can be applied to a VM workload. If you want to update the tag with a new one, you must remove the existing tag. Then, perform NSX remediation to apply the new tag.
Prerequisites
- The VM workload must be associated with a Carbon Black Cloud Workload appliance that is registered with NSX, and has an active NSX connectivity. For information on registering the appliance with NSX, see VMware Carbon Black Cloud Workload Guide.
- The VM workload must have a Carbon Black sensor installed with the following versions:
- For Windows - 3.6 or later.
- For Linux - 2.9 or later.
- The VM workload must be on an NSX N-VDS (opaque network) to have the Apply NSX Tag option available.
Procedure
What to do next
If one or more workloads are already remediated, you can remove the tags by selecting the Remove NSX Tags.