If you are an SDDC administrator, you can use NSX capabilities to isolate and protect the vRealize Suite management cluster and tenant workloads in the data center.
The management cluster includes thevCenter Server for the domain, the NSX Manager, and vRealize Suite products and other management products and components. Use Transport Layer Security (TLS) and authentication to protect these systems from unauthorized access. Use NSX capabilities to strengthen isolation and segmentation of the management cluster virtual network systems from the edge cluster and workload systems and clusters. Allow appropriate access to required management system ports as described in the installation and configuration documents for the deployed management systems.
Tenant workloads in the data center might be implemented as three tier-applications consisting of Web, application, and database servers. Use TLS and authentication to protect these systems from unauthorized access. Use provided security services such as database connection strings to secure connections and SSH to secure host access. Apply NSX capabilities at the vNic level where possible to isolate and micro-segment tenant workloads from one another.
For more information about uses of NSX capabilities, see VMware NSX for vSphere (NSX) Network Virtualization Design Guide. For procedures to configure NSX capabilities, see the VMware NSX for vSphere documentation.