The recommendations that NSX Intelligence generates include security policies, policy security groups, and services for applications.

The recommendations are based on the network traffic flow patterns between VM workloads on ESXi hosts managed by a vCenter Server. They can assist you with enforcing a more dynamic security policy by correlating traffic patterns of communication that have occurred within your NSX-T Data Center environment.

The security policy recommendations are of the East-West Distributed Firewall Security Policies of Application category. The security group recommendations consist of a list of VMs that are seen in the network traffic flows that were analyzed for the time period and the VM boundary you had specified. The service recommendations are service objects that were used in certain ports by applications in the VMs you had specified, but the services are not yet defined in the NSX-T Data Center inventory.

There are multiple ways to request the recommendation, but the most straightforward one is by using Plan & Troubleshoot > Recommendations tab and clicking Start New Recommendation. You provide the virtual machines (VMs) that comprise the application boundaries and the time range in which the network traffic flows are to be analyzed for those specific VMs. Once the recommendation analysis is complete, you can view the details of the recommendation and, if necessary, modify the recommendation before publishing it. See Generate a New NSX Intelligence Recommendation for more information.