An NSX-T Data Center administrator can change or deploy a new form factor or version of the service VM (SVM).

This task can be done both from UI or API.

The API command to change or upgrade a SVM is /POST https://<NSX_Manager_IPaddress>/api/v1/serviceinsertion/services/{{service_id}}/service-deployments /<service-deployment-id>?action=upgrade.
   "deployment_spec_name": "EW_DepSpec"


  • Ensure that partners have registered multiple service VMs differentiated by versions and or form factor (disk, vCPU, or RAM).
  • Ensure that the SVM deployment status is Deployment Successful before changing the appliance. If the SVM is in a different state, go to Home → Alarms, and search for any open alarms of the event type EAM. Resovle them before trying to change to a newer SVM.
  • Ensure that all prereqiuistes required to deploy an endpoint service or a combined partner service (For example, endpoint protection service and network gateway firewall) are met before proceeding to change the appliance.
  • Ensure that storage is available before you change the existing SVM with a new one.
  • If there are workloads that are protected by the existing SVM, first perform vMotion to migrate the workload and then change or deploy the new SVM.


  1. With admin privileges, log in to NSX Manager.
  2. Go to System > Service Deployments > Deployment.
  3. Go to the service deployment and click Change Appliance.
  4. In the Change Appliance window, select the specification of SVM you want to deploy and click Update.
  5. If the service deployed fails at an individual host-level, in the Status column, click the information icon and click Resolve.
  6. Click Resolve All.
  7. If the service deployed fails at cluster-level, click the vertical ellipsis and click Re-deploy Appliance.


What to do next

To know the runtime status of a combined partner service, health status of an endpoint protection service, or deployment status, go to the Service Instances tab.

After changing the existing SVM to a new SVM, enable guest VMs that are to be protected by the endpoint protection policy service.