The NSX-IPFIX integration enables the visibility of the blocked and protected flows in the system.
The basic filters in the Micro-Segmentation Planning page are as follows:
- All Allowed Flows: This option is selected by default. To see all the flows for which the action in the firewall rules is set to Allowed, select this option.
- Dropped Flows: This option helps to detect the dropped flows and to plan the security in a better way.
- All Protected Flows: This option helps to detect all the flows which have a rule other than of the type any(source) any(dest) any(service) allow associated with it. Such flows are known as protected flows.
- All Unprotected Flows: This option helps to detect all the flows that have the default rules of the type any(source) any(dest) any(service) allow. Such flows are known as unprotected flows.
The firewall rules are visible only for the allowed and unprotected flows.
For example, if you are in the planning phase and you want to see the allowed flows in the system, perform the following steps:
- On the Micro-Segmentation Planning page, for a particular group, select All Allowed Flows from the drop-down menu.
- Click the dropped flows in the topology diagram to see the corresponding recommended firewall rules.
- Implement those firewall rules by exporting them into NSX Manager.
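The four filter definitions above can be applied to flow records to see which filters each flow falls under. The following is an added example, not code from the product or its API. The record layout, field names, action values and sample flows are constructed assumptions, and a dropped flow is counted as protected by reading the definition above literally.

```python
from collections import defaultdict

ANY = "any"  # assumed wildcard value in the constructed rule records


def is_default_allow(rule):
    """True for the default rule any(source) any(dest) any(service) allow."""
    return (rule["source"] == ANY and rule["dest"] == ANY
            and rule["service"] == ANY and rule["action"] == "allow")


def filters_for(flow):
    """Return the planning-page filters under which a flow would appear."""
    rule = flow["rule"]
    names = set()
    if rule["action"] == "allow":
        names.add("All Allowed Flows")
    elif rule["action"] == "drop":
        names.add("Dropped Flows")
    # Literal reading of the page: any matched rule other than the default
    # any/any/any allow makes the flow protected (assumption for drop rules).
    if is_default_allow(rule):
        names.add("All Unprotected Flows")
    else:
        names.add("All Protected Flows")
    return names


def group_by_filter(flows):
    """Map each filter name to the ids of the flows it would show."""
    buckets = defaultdict(list)
    for flow in flows:
        for name in sorted(filters_for(flow)):
            buckets[name].append(flow["id"])
    return dict(buckets)


# Constructed sample flows, each paired with the firewall rule it matched.
SAMPLE_FLOWS = [
    {"id": "web->app:8443", "rule": {"source": "web-tier", "dest": "app-tier", "service": "tcp/8443", "action": "allow"}},
    {"id": "app->db:3306", "rule": {"source": ANY, "dest": ANY, "service": ANY, "action": "allow"}},
    {"id": "web->db:3306", "rule": {"source": "web-tier", "dest": "db-tier", "service": ANY, "action": "drop"}},
    {"id": "jump->app:22", "rule": {"source": ANY, "dest": ANY, "service": ANY, "action": "allow"}},
]

if __name__ == "__main__":
    for name, ids in sorted(group_by_filter(SAMPLE_FLOWS).items()):
        print(f"{name}: {', '.join(ids)}")
```

The flows listed under All Unprotected Flows are the ones reaching their destination only because of the default rule, which makes them the starting point for writing narrower rules.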