When deploying PCG, you have the option to turn the Quarantine Policy on or off. Follow these steps to enable or disable the Quarantine Policy subsequently.
One or a pair of PCGs must be deployed on your VPC or VNet.
- Log in to CSM and go to your public cloud:
- If using AWS, go to PCGs is deployed and running. . Click on the VPC on which one or a pair of
- If using Microsoft Azure, go to PCGs is deployed and running. . Click on the VNet on which one or a pair of
- Enable the option using any one of the following:
- In the tile view, click on .
- If you are in the grid view, select the checkbox next to the VPC or VNet and click .
- If you are in the VPC or VNet's page, click the ACTIONS icon to go to Edit Configurations.
- Turn Default Quarantine on or off to enable or disable it.
- If you are disabling Quarantine Policy, you must provide a fallback security group.
Note: The fallback security group must be an existing user-defined security group in your public cloud. You cannot use any of the NSX Cloud security groups as a fallback security group. See NSX Cloud Security Groups for the Public Cloud for a list of NSX Cloud security groups.
- All unmanaged or quarantined VMs in this VPC or VNet will get the fallback security group assigned to them upon disabling Quarantine Policy.
- All managed VMs retain the security group assigned by NSX Cloud. The first time such VMs are untagged and become unmanaged after disabling Quarantine Policy, they also get the fallback security group assigned to them.
- Click SAVE.