You can apply a security policy to a security group to secure your virtual desktops, business critical applications, and the connections between them. You can also view a list of the services that were not applied and the reason they failed to apply.
- Log in to the vSphere Web Client.
- Click Networking & Security and then click Service Composer.
- Click the Security Policy tab.
- Select a security policy and click the Apply Security Policy () icon.
- Select the security group that you want to apply the policy to.
If you select a security group defined by virtual machines that have a certain security tag applied to them, you can create a dynamic or conditional workflow. The moment the tag is applied to a virtual machine, the virtual machine is automatically added to that security group.
Network Introspection rules and Endpoint rules associated with the policy will not take effect for security groups containing IPSet and/or MacSet members.
- Click the Preview Service Status icon to see the services that cannot be applied to the selected security group and the reason for the failure.
For example, the security group may include a virtual machine that belongs to a cluster on which one of the policy services has not been installed. You must install that service on the appropriate cluster for the security policy to work as intended.
- Click OK.