To activate the NSX Network Detection and Response feature, your NSX-T Data Center environment must meet the system requirements and the following prerequisites.
- Ensure that the license, software, and port requirements are met. See System Requirements for NSX Network Detection and Response for details.
- You must be logged in using an Enterprise Admin account.
- From your browser, log in with the required privileges to an NSX Manager at https://<nsx-manager-ip-address>.
- In the NSX Manager UI, select .
- Navigate to the Features section, locate the NSX Network Detection and Response feature card, and click Activate.
- In the NSX Network Detection and Response activation wizard, select one of the available cloud regions from which you can access the NSX Advanced Threat Prevention cloud service.
The system uses the NSX Advanced Threat Prevention cloud service to perform deeper analysis of detected threat events, perform event correlation and visualization, and fetch periodic updates on those detected threat events. If you previously activated the VMware NSX® Malware Prevention feature, the cloud region selected for that feature is preselected and is used for the NSX Network Detection and Response feature.
- Click Run Prechecks.
This precheck process can take some time as the activation wizard validates that the minimum license requirement is met. The wizard also performs the connectivity checks between the NSX Manager appliance and the NSX Advanced Threat Prevention cloud service. It also validates that the selected cloud region is reachable.
- Click Activate.
This step can take some time to finish as the resources get allocated in the background.
See Troubleshooting NSX Network Detection and Response if you encounter any error during the NSX Network Detection and Response feature activation,