Third-party partners services containing security scanning logic, are registered with NSX-T Data Center for guest VM protection. The partner service is enforced when the NSX admin deploys the registered services and applies end point protection policies to guest VM groups.
The guest introspection workflow for the endpoint protection use case is as follows:
| Workflow Tasks | Role/Persona | Implementation |
|---|---|---|
| Register Partner Services | Partner Admin | Partner Console |
| Register Vendor Template | Partner Admin | Partner Console |
| Configure Partner Services with NSX-TNSX-T |
Partner Admin | Partner Console |
| Deploy a Service | NSX Admin | API and NSX Manager UI |
| View Service Instance Details | NSX Admin | API and NSX Manager UI |
| Bring Up Service Instance | NSX Admin | API and NSX Manager UI |
| Add Service Profile | NSX Admin | API and NSX Manager UI |
| Consume Guest Introspection Policy | NSX Admin | API and NSX Manager UI |
| Add and Publish Protection Rules | NSX Admin | API and NSX Manager UI |
| Monitor Endpoint Protection Rules | NSX Admin | API and NSX Manager UI |
