You can use the Service Composer to export the security policy configuration to a specific file format from one NSX Manager and import the exported configuration in to another NSX Manager.

In the Service Composer, you cannot directly export security groups. You must first ensure that a security policy is assigned to a security group, and then export that security policy. All the contents of the security policy, such as DFW rules, guest introspection rules, network introspection rules, and the security groups that are bound to the security policy are exported.

When a container security group contains nested security groups, the nested security groups are also exported. While exporting, you can add a prefix to the policy. The prefix gets applied to policy name, policy actions name, and security group name.

When importing the configuration onto a different NSX Manager, you can specify a suffix. The suffix gets applied to policy name, policy actions name, and, security group name. If a security group or security policy with the same name exists on the NSX Manager where the import is happening, the import of the security policy configuration fails.