The Security Intelligence infrastructure classification feature attempts to identify the compute entities that provide network infrastructure services in your NSX environment. These services include DNS, DHCP, LDAP, and Active Directory.
By identifying the compute entities that provide network infrastructure services in your network, Security Intelligence can help you exclude those compute workloads from the traffic flow visualization or from the DFW policy recommendations analysis that you initiate.
The Security Intelligence identified. To review, accept, or modify the inferred classifications, you can use the following steps.
page displays the infrastructure classifications thatPrerequisites
Ensure that you have the required privileges to administer the compute entity classifications. See Role-Based Access Control in Security Intelligence for more information.
Procedure
- From your browser, log in with the required privileges to an NSX Manager at https://<nsx-manager-ip-address>.
- Select
- In the Classifications tab, select one or more of the the compute entities listed.
- Review the classification and determine if the selected entity is correctly classified as a network infrastructure service or not.
- If available, select Accept if you agree that the selected entity has been correctly classified by the Security Intelligence infrastructure classification service.
- If the Accept button above the table is dimmed or if you do not agree that the selected compute entity is a network infrastructure service, click Modify.
You can use the Modify button above the table or the Modify link provided in the last column corresponding to the compute entity you are reviewing.
- In the Modify Classification dialog box, select the correct classification from the Workload Classification drop-down menu. Select Infrastructure Service if the compute entity is an infrastructure service, such as DNS, DHCP, LDAP, or Active Directory. Select Others (Non-Infrastructure) if the compute entity is not one of the infrastructure services.
- (Optional) In the More details text box, enter the type of application that is running on the compute entity or workload.
- Click Save.
Results
The system updates the information for the compute entity in the Classifications table.