Security group is a group that categorizes VMs based on VM names, IP addresses, and matching criteria of VM name and security tag.

Based on the matching criteria, you can apply a configuration to all the VMs in the security group instead of applying the configuration to the VMs in the SDDC environment individually.

You can use security groups when you configure Edge or distributed firewalls.


  1. Log in to the VMC Console at
  2. Select Networking & Security > Groups > Workload Groups.
  3. Click Add Group.
  4. Enter a security group name.
  5. Select the security group membership from the drop-down menu.

    The choices are Virtual Machine, IP address, or Membership Criteria.

  6. Enter a definition for your group.



    Virtual Machine

    Describe the VM classification tag, such as web_vm.

    IP address

    Enter the IP addresses of the VMs in the group.

    Membership Criteria

    Assign membership criteria such as, Virtual machine name or tag to classify VMs or VM.

    For example, web_vm or collector VM.

  7. Click Save.
  8. Select the newly created group and click the ellipsis button.



    View Members

    View the respective members of the security group.

    View References

    View what firewall rules the security group is being used in.