Source and destination flow cells can be customized on an individual cell basis by the user.

About this task

After flow analysis is complete, flow cells can be customized by the user.

Prerequisites

Flow data must have been collected from a set of vNICs and VMs. See Create a Monitoring Session

Procedure

After the flow state shows Analysis Completed, the flow table is populated with data. To customize cell data, hover the cursor over a cell. A gear icon appears in the right-hand corner of the cell. Click the gear icon in the Source or Destination column and select one of the following options:

Option

Description

Resolve VMs

This option is available if multiple VMs have the same IP address. This option is used to chose the applicable VM name for the flow record.

Replace with any

If the source should be accessible to everyone then any source IP address is the correct option. In all other cases, you should specify the source address. Configuring a destination value of any for the destination IP address is discouraged.

Replace with Membership

If the VM is part of Security Groups they will be displayed here and can replace the VM name.

Create Security Group

  1. Enter a Name and (optional) description of the security group.

  2. Click Next.

  3. Define the criteria that an object must meet for it to be added to the security group you are creating. This gives you the ability to include virtual machines by defining a filter criteria with a number of parameters supported to match the search criteria.

  4. Select one or more resources to add to the security group. Note that when you add a resource to a security group, all associated resources are automatically added. For example, when you select a virtual machine, the associated vNIC is automatically added to the security group. You can include the following objects in a security group:

    Cluster

    Logical Switch

    Legacy Port Group

    vApp

    Datacenter

  5. Click Next.

  6. Select the objects to exclude from the security group. The objects selected here are always excluded from the security group, regardless of whether or not they match the dynamic criteria.

  7. Click Next.

  8. Review the Security Group details on the Ready to complete window. Click Finish.

Add to existing Security Group and Replace

For VMs, if the selected VM is a member of multiple security groups, select the specific security group you want to apply. This option is not available if the IP address is present in the source or destination field. For raw IP addresses, use Add to existing IPset and Replace option.

  1. Click the desired Service Group from the list of available objects.

  2. Click OK.

Create IPSet and Replace

An IPset allows you to apply a firewall rule to an entire set of IP addresses at once.

  1. Enter a name for the IPSet.

  2. Optional - enter a description.

  3. Enter IP addresses or range of address in the new IP set.

  4. Click OK.

Add to existing IPset and Replace

An IP address may be part of several IPsets. Use this option to replace the shown IP address and replace it with another.

  1. Select the desire IPset from the Available Objects.

  2. Click OK.

Revert to initial data

Reverts any cell modifications back to the original data.

What to do next

Create a firewall rule based on flow monitoring.