Encryption rules are added at the NSX Manager scope. Using the Applied To field, you can then narrow down the scope at which you want to apply the rule. You can add multiple objects at the source and destination levels for each rule, which helps reduce the total number of encryption rules to be added.

About this task


By default, a rule matches on the default of any source, destination, and service rule elements, matching all interfaces and traffic directions. If you want to restrict the effect of the rule to particular interfaces or traffic directions, you must specify the restriction in the rule.


  1. From your browser, log in to an NSX Manager at https://nsx-manager-ip-address.
  2. Select Encryption from the navigation panel.
  3. Click the Rules tab if it is not already selected.
  4. To add a rule, select the section to which you want to add the rule.
    1. Click Add Rule and select Add Rule Above or Add Rule Below.
  5. To clone a rule, select the rule that you want to clone.
    1. Click Actions and select Clone Rule.

      The encryption rule is cloned with the same settings and a slightly different name ("Copy of ...").

  6. To delete a rule, select the rule that you want to delete.
    1. Click Delete Rule.
  7. Click Save.
  8. Click Save again to confirm.