Add a service segment when you configure east-west network introspection on the overlay network or north-south network introspection, where you want to redirect packets from the uplink of an NSX Edge to the service chain.

Prerequisites

  • If you are configuring north-south service chaining to redirect packets from the uplink of an NSX Edge to the service chain, create a Tier-0 and or Tier-1 gateway. The segment is later connected to the Tier-0 and or Tier-1 gateway.

Procedure

  1. From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
  2. Click Security > Settings > Network Introspection Settings > Service Segment > Add Service Segment.
  3. Click Add Service Segment.
  4. In the Name field, enter a name for the segment.
  5. In the Transport Zone (Overlay) field, select an overlay transport zone that is associated to the segment.
  6. In the Connected To field, do one of the following:
    • Leave the field blank if you are configuring east-west network introspection to protect guest VMs by third-party security vendors.
    • Select a Tier-0 or Tier-1 gateway if you are configuring a north-south service chaining to redirect packets from the uplink of an NSX Edge to the service chain.
  7. Click Save.

Results

The Status column displays the status of the service segment.