To use the NSX Network Detection and Response feature, you must prepare your NSX environment so that it meets the specific license and software requirements.
License Requirements
To use the NSX Network Detection and Response features, one of the following license is required:
- VMware Firewall with Advanced Threat Prevention
- VMware Advanced Threat Prevention
- NSX Distributed Firewall with Advanced Threat Prevention
- NSX Advanced with Advanced Threat Prevention
- NSX Enterprise Plus with Advanced Threat Prevention
- NSX Firewall with Advanced Threat Prevention
For more details, see NSX Feature and Edition Guide and Security Licenses section in License Types.
Software Requirements
You must also meet the following software requirements before you can start using the NSX Network Detection and Response feature.
Install NSX 3.2 or later.
-
Deploy NSX Application Platform 3.2 or later. See Deploying and Managing the VMware NSX Application Platform document in the VMware NSX Documentation set.Note: The versioning of the NSX Network Detection and Response feature that is hosted on the NSX Application Platform matches the NSX Application Platform version, and not the NSX product version number.
To configure NSX Network Detection and Response for the air-gap environment, contact the VMware support team.
Required Ports
Ensure that the required ports are open. Specifically, NSX Network Detection and Response requires the outbound TCP port 443 to be open (unless NSX Network Detection and Response is configured to work in the air-gap mode). It uses this port to establish HTTPS connections to the NSX Advanced Threat Prevention cloud service to obtain up-to-date threat metadata information.
See the VMware Ports and Protocols webpage for other ports and protocols information.
