Perform the following steps to use NSX IDS/IPS on a Gateway Firewall.
- Set up NSX Proxy Server for Internet connectivity: NSX IDS/IPS can work in a network without Internet connectivity, but you will then need to update the IDS/IPS signatures manually. For more information, see Preparing the Data Center for NSX IDS/IPS and NSX Malware Prevention.
- Download the latest signature set and configure signature settings: If you have not selected the automatic download option, download the latest signature set. Then configure actions for signatures. For more information, see Preparing the Data Center for NSX IDS/IPS and NSX Malware Prevention.
- Enable nodes for IDS/IPS: Select gateways on which you want to enable IDS/IPS. For more information, see Preparing the Data Center for NSX IDS/IPS and NSX Malware Prevention.
  Note: NSX IDS/IPS for a Gateway Firewall is supported only for tier-1 gateways.
- Create IDS/IPS profiles: Create profiles to group signatures. For more information, see Add an IDS/IPS Profile.
- Create gateway IDS/IPS rules and publish them: Create rules to apply a previously created profile to selected applications and traffic. For more information, see Add Rules for NSX IDS/IPS and NSX Malware Prevention on a Gateway Firewall.
- Monitor events on nodes. For more information, see Monitoring IDS/IPS Events.