Activity monitoring provides visibility into the applications that are in use on the Windows desktop virtual machines that are managed by vCenter. This visibility helps ensure that security policies at your organization are being enforced correctly.

Note: As of NSX 6.3.0, the NSX Activity Monitoring feature has been deprecated. You can continue to use this feature at your discretion, but be aware that it will be removed from NSX in a future release. From 6.3.0 onwards, we recommend you use Endpoint Monitoring instead of Activity Monitoring.

A security policy may mandate who is allowed access to what applications. The cloud administrator can generate Activity Monitoring reports to see if the IP based firewall rule that they set is doing the intended work. By providing user and application level detail, activity monitoring translates high level security policies to low level IP address and network based implementation.

Figure 1. Your virtual environment today

Once you enable data collection for Activity Monitoring, you can run reports to view inbound traffic (such as virtual machines being accessed by users) as well as outbound traffic (resource utilization, interaction between inventory containers, and AD groups that accessed a server).

Figure 2. Your virtual environment with Activity Monitoring
Important: Activity monitoring is not supported on Linux VMs.