In the NSX Enforced Mode, you can elect to enable Quarantine Policy in two ways.

The first possibility to enable Quarantine Policy is when you deploy PCG on a Transit VPC/VNet or link a Compute VPC/VNet to a Transit. Move the slider for Quarantine Policy on the Associated VPC/VNet to Enabled from the default Disabled state. See Deploy PCG in the NSX-T Data Center Installation Guide.

You can also enable Quarantine Policy later following the steps here.


If enabling Quarantine Policy after deploying or linking to a PCG, you must have one or more Transit or Compute VPCs/VNets onboarded in the NSX Enforced Mode, that is you elected to use NSX Tools for managing your workload VMs.


  1. Log in to CSM and go to your public cloud:
    1. If using AWS, go to Clouds > AWS > VPCs. Click on the Transit or Compute VPC.
    2. If using Microsoft Azure, go to Clouds > Azure > VNets. Click on the Transit or Compute VNet.
  2. Enable the option using any one of the following:
    • In the tile view, click on ACTIONS > Edit Configuration.
    • If you are in the grid view, select the checkbox next to the VPC or VNet and click ACTIONS > Edit Configuration.
    • If you are in the VPC or VNet's page, click the ACTIONS icon to go to Edit Configurations.
  3. Turn Default Quarantine on or off.
  4. Click SAVE.