VMware NSX

  • 1.  How do I audit the NSX firewall rules ?

    Posted Aug 17, 2017 11:24 PM

    Our auditor is not happy with a manually created spreadsheet which we have. And exporting the rules provides an XML format. I imported this into an Excel spreadsheet, but the header metadata is meaningless. How can I have meaningful metadata?

    Basically, how can I have something I can export on a real-time basis that shows the firewall rules in a meaningful way?

    One more question: is there a place in the NSX firewall rule where I can type in a description of the rule?

    Thanks

    Tommy



  • 2.  RE: How do I audit the NSX firewall rules ?

    Posted Aug 18, 2017 06:02 AM

    You can add the description either in the name field or in the comments field.

    Normally we define any specific description about the rules/policies in the comment field.

    It is hidden by default. You need to select it manually to make it visible.



  • 3.  RE: How do I audit the NSX firewall rules ?

    Posted Aug 18, 2017 06:07 AM

    I have not tested it from my end, but the links below say it is possible via PowerCLI.

    They have explained how to achieve it.

    https://tonysangha.com/2016/10/20/documenting-the-nsx-v-dfw-with-powernsx/

    GitHub - tonysangha/PowerNSX-DFW2Excel: Export the NSX for vSphere Distributed Firewall to MS Excel