You can import a saved security policy configuration either as a backup or to restore a similar configuration on a different NSX Manager.

When importing the configuration, an empty security group is created. All the services, service profiles, applications, and application groups must exist in the destination environment, otherwise the import fails.

Procedure

  1. In the vSphere Web Client, navigate to Networking & Security > Security > Service Composer.
  2. Click the Security Policies tab.
  3. Click More or Actions, and then click the Import Configuration icon.
  4. Select the security policy configuration file that you want to import.
  5. If necessary, type a suffix to be added to the security policies and security groups that are being imported.
    If you specify a suffix, it is added to the security policy names being imported thus ensuring that they have unique names.
  6. Click Next.
    Service Composer verifies that all services referred to in the configuration are available in the destination environment. If not, the Manage Missing Services page is displayed, where you can map missing services to available target services.

    The Ready to complete page displays the security policies, endpoint services, firewall rules, and the network introspection services to be imported. This page also displays the security groups on which the security policies are applied.

  7. Click Finish.
    The imported security policy configuration is added to the top of the security policy table (above the existing policies) in the target NSX Manager. The original order of the imported rules and security services in the security policy is preserved.