The NSX Advanced Load Balancer continually assesses the health of each virtual service. This health information is available for viewing in both summary and detailed form.

Each virtual service has a health score, which shows the virtual service health as both a color code and a set of numeric scores. The final health score is comprised of a positive performance score and three penalties.

The security penalty provides insight into a current security related issue (such as a current DoS attack) or potential risk (such as SSL configuration which leaves the site vulnerable to the POODLE attack).

Ideally, the security penalty must be zero, which means that it is not detracting from the health or risk of a virtual service. A non-zero security penalty can be due to an issue with SSL or a DDoS attack event. The following section explores the components that could generate a security penalty.

View Security Insights

To view a security insights for a virtual service:

  1. Click the icon of the virtual service shown on the Dashboard.

  2. Click the virtual service name.

  3. Click Security on the menu bar.

Detailed security information for the virtual service is shown in two panes:

  • SSL information (left pane)

  • DDoS information (right pane)

Security Insights for the virtual service are organized into the following main categories:

  • SSL Distribution: The SSL section in the default security page shows details of the most relevant SSL data about client connections terminated on SEs within the selected period of time. If SSL termination is not performed on the virtual service, this section will have no data.

  • SSL Score: The SSL Score section in the default security page shows details of major factors affecting the SSL Score.

  • DDoS: The DDoS section in the default security page breaks down distributed denial of service data for the virtual service into the most relevant layer 4 and layer 7 attack data.

For more information on DDOS attack mitigation, Rate Limiters and Datascripts, see DDoS Attack Mitigation.