Micro-Segmentation can make the data center network more secure by isolating related groups of virtual machines onto a distinct logical network segment. You can use the Distributed Firewall (DFW) component of VMware NSX to implement micro-segmentation. Administrators can then separate traffic that is traveling from one segment of the data center to another (east-west traffic) by using firewalls. Distributed firewalls prevent attackers from moving laterally in the data center.

About this task

This scenario gives detailed information on the procedures for a single-region deployment. You can also use these procedures for Region A of a dual-region deployment. If you want to use the procedures for Region B in a dual-region deployment, you have to use different IP address and machine names and might have to make some other changes.

Prerequisites

  1. Prepare for the deployment. See Preparing for Region A Scenario Deployment.

  2. Perform the tasks in Creating Multi-Tier Applications in Region A.