You can bind multiple groups to a security profile. NSX-T Data Center applies the security profile to the group with highest precedence level.
To assign precedence to groups:
Prerequisites
- Session timer groups must only contain segments, segment ports and VMs as members. Other category types are not supported.
- DNS security groups must contain only VMs as members. Other category types are not supported.
Procedure
- From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
- Navigate to Security > Security Profiles.
- Click Manage Group to Profile Precedence.
- To assign a group highest level of precedence, move it to the top of the list.
- Click Close.
Results
The security profile is applied to the group with highest precedence level.