Security tags that you create and assign to virtual machines help you to define NSX-T Data Center edge gateway firewall rules and distributed firewall rules for data center groups with an NSX-T Data Center network provider type.

Prerequisites

• Verify that your system administrator has published the Security tag edit right to your organization and that your role includes this right.
• Verify that your role includes the vApp: Edit Properties right.

Procedure

1. In the top navigation bar, click Networking and then click Security Tags.
2. To add a new security tag, click Add Tag.
3. Enter a tag name.
4. From the list of virtual machines in the organization, select the ones to which to assign the newly created tag.
5. Click Save.

Results

The newly created tag is assigned to the virtual machines that you selected. You can view all the security tags that are assigned to a specific VM in the VM details page.

What to do next

1. Create dynamic groups of virtual machines based on the tags that you assigned.
2. Use the dynamic groups that you created to add distributed firewall rules to the data center group or to add firewall rules to an NSX-T Data Center edge gateway that is scoped to the data center group. See:
   • Add a Distributed Firewall Rule to a Data Center Group with an NSX-T Data Center Network Provider Type.
   • Add an NSX-T Data Center Edge Gateway Firewall Rule.