Once Postman API is downloaded and installed, below are the steps to proceed:
A. Deleting the Service Reference.
- Get the Service Reference ID:
"GET https://<NSX-T IP Address>/policy/api/v1/infra/service-references"
Sample Output:
"GET https://<NSX-T IP Address>/policy/api/v1/infra/service-references" // result of GET https://<NSX-T IP Address>/api/v1/infra/service-references { "results": [ { "partner_service_name": "Trend Micro Deep Security", "enabled": true, "resource_type": "ServiceReference", "id": "333f95bf-399a-481f-bc0b-19b44d676a57", "display_name": "Trend Micro Deep Security", "path": "/infra/service-references/333f95bf-399a-481f-bc0b-19b44d676a57", "relative_path": "333f95bf-399a-481f-bc0b-19b44d676a57", "parent_path": "/infra", "unique_id": "252ad43c-4bf0-41a1-a08a-f435b7f547f6", "realization_id": "252ad43c-4bf0-41a1-a08a-f435b7f547f6", "marked_for_delete": false, "overridden": false, "_system_owned": false, "_create_time": 1696228360140, "_create_user": "admin", "_last_modified_time": 1696228360140, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true }From the output, record the Service Reference ID. In this example, the Service Reference ID is 333f95bf-399a-481f-bc0b-19b44d676a57.
-
Get all of the Service Profile IDs by using the Service Reference ID from Step 1:
"GET https://<NSX-T IP Address>/policy/api/v1/infra/service-references/<Service Reference ID>/service-profiles"
Example:
https://<NSX-T IP Address>/policy/api/v1/infra/service-references/333f95bf-399a-481f-bc0b-19b44d676a57/service-profilesSample Output:
"GET https://<NSX-T IP Address>/policy/api/v1/infra/service-references/<Service Reference ID>/service-profiles" // result of GET https://<NSX-T IP Address>/api/v1/infra/service-references/<Service Reference ID>/service-profiles { "results": [ { "vendor_template_name": "Default (EBT)", "attributes": [], "redirection_action": "COPY", "vendor_template_key": "Gold", "resource_type": "PolicyServiceProfile", "id": "38f70096-fab1-4cfa-8a4a-c60dc315a4df", "display_name": "DSVA", "tags": [], "path": "/infra/service-references/333f95bf-399a-481f-bc0b-19b44d676a57/service-profiles/38f70096-fab1-4cfa-8a4a-c60dc315a4df", "relative_path": "38f70096-fab1-4cfa-8a4a-c60dc315a4df", "parent_path": "/infra/service-references/333f95bf-399a-481f-bc0b-19b44d676a57", "unique_id": "4bb52430-b569-48a0-a887-839cc9cfaa69", "realization_id": "4bb52430-b569-48a0-a887-839cc9cfaa69", "marked_for_delete": false, "overridden": false, "_system_owned": false, "_create_time": 1696228364574, "_create_user": "admin", "_last_modified_time": 1696228364574, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true }In this example, the Service Profile ID is 38f70096-fab1-4cfa-8a4a-c60dc315a4df.
- From Step 2, the API result shows all the Service Profiles. Using the Service Profile ID, Delete ALL Service Profiles one at a time.
"DELETE https://<NSX-T IP Address>/policy/api/v1/infra/service-references/<Service Reference ID>/service-profiles/<Service Profile ID>"
Example:
DELETE https://<NSX-T IP Address>/policy/api/v1/infra/service-references/333f95bf-399a-481f-bc0b-19b44d676a57/service-profiles/38f70096-fab1-4cfa-8a4a-c60dc315a4df
B. Deleting the Service Definition
-
Get the Service Definition ID.
"GET https://<NSX-T IP Address>/api/v1/serviceinsertion/services"
Sample Output:
"GET https://<NSX-T IP Address>/api/v1/serviceinsertion/services" // result of GET https://<NSX-T IP Address>/api/v1/serviceinsertion/services { "results": [ { "functionalities": [ "EPP", "IDS_IPS" ], "implementations": [ "EAST_WEST" ], "attachment_point": [ "SERVICE_PLANE" ], "transports": [ "NSH" ], "on_failure_policy": "ALLOW", "service_deployment_spec": { "deployment_template": [ { "name": "Deep Security - Deployment Template", "attributes": [ { "key": "management.gateway", "display_name": "management.gateway", "value": "", "attribute_type": "STRING", "read_only": false }, ... { "key": "solutionId", "display_name": "solutionId", "value": "7498352642083520512", "attribute_type": "STRING", "read_only": false } ] } ], "deployment_specs": [ { "name": "Deep Security - 20.0.0-877-C2M4-SMALL", "ovf_url": "https://10.209.84.168:4119/appliance/NSX/dsva-20.0.0-877-C2M4-small.ovf", "min_host_version": "6.5", "host_type": "ESXI", "service_form_factor": "SMALL", "svm_version": "1.0" }, ... { "name": "Deep Security - 20.0.0-877-C4M8-SMALL", "ovf_url": "https://10.209.84.168:4119/appliance/NSX/dsva-20.0.0-877-C4M8-small.ovf", "min_host_version": "6.5", "host_type": "ESXI", "service_form_factor": "SMALL", "svm_version": "1.0" } ], "nic_metadata_list": [ { "interface_label": "ens", "interface_index": 0, "interface_type": "MANAGEMENT", "user_configurable": true }, ... { "interface_label": "ens", "interface_index": 1, "interface_type": "CONTROL" } ], "svm_version": "20.0" }, "vendor_id": "Trend Micro", "service_manager_id": "55b8e578-f838-47cd-aec0-90704fc86ad6", "service_capability": { "nsh_liveness_support_enabled": true, "can_decrement_si": false }, "resource_type": "ServiceDefinition", "id": "daf49ee7-45b9-435a-918f-e46bddab99a9", "display_name": "Trend Micro Deep Security", "description": "Advanced security for virtual servers and desktops - Provides Agentless Anti-Malware, Web Reputation, Intrusion Prevention, Integrity Monitoring and Firewall.", "_system_owned": false, "_create_time": 1696228263917, "_create_user": "admin", "_last_modified_time": 1696228264000, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 1 } ], "result_count": 1 }In this example, the Service Definition ID is daf49ee7-45b9-435a-918f-e46bddab99a9.
-
Using the Service Definition ID, get all the Vendor Template IDs.
"GET https://<NSX-T IP Address>/api/v1/serviceinsertion/services/<Service Definition ID>/vendor-templates"
Sample Output:
"GET https://<NSX-T IP Address>/api/v1/serviceinsertion/services/<Service Definition ID>/vendor-templates" //Example https://<NSX-T IP Address>/api/v1/serviceinsertion/services/daf49ee7-45b9-435a-918f-e46bddab99a9/vendor-templates // result of GET https://<NSX-T IP Address>/api/v1/serviceinsertion/services/<Service Definition ID>/vendor-templates { "results": [ { "attributes": [], "service_id": "daf49ee7-45b9-435a-918f-e46bddab99a9", "vendor_template_key": "Gold_Network", "functionality": "IDS_IPS", "redirection_action": "PUNT", "resource_type": "VendorTemplate", "id": "ccd4a13c-a184-4b4e-8bca-a0d930d215e8", "display_name": "Default (EBT)_Network", "description": "The default Deep Security profile configuration used for EBTs.", "_system_owned": false, "_create_time": 1696228265451, "_create_user": "admin", "_last_modified_time": 1696228265451, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 }, { "attributes": [], "service_id": "daf49ee7-45b9-435a-918f-e46bddab99a9", "vendor_template_key": "Gold", "functionality": "EPP", "redirection_action": "PUNT", "resource_type": "VendorTemplate", "id": "a3adde3f-b3d1-4a5a-b646-0675c90d072f", "display_name": "Default (EBT)", "description": "The default Deep Security profile configuration used for EBTs.", "_system_owned": false, "_create_time": 1696228265055, "_create_user": "admin", "_last_modified_time": 1696228265055, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 2 } -
Using the Vendor Template ID, delete ALL the Vendor Templates one at a time.
"DELETE https://<NSX-T IP Address>/api/v1/serviceinsertion/services/<Service Definition ID>/vendor-templates/<Vendor Template ID>"
Example:
DELETE https://<NSX-T IP Address>/api/v1/serviceinsertion/services/daf49ee7-45b9-435a-918f-e46bddab99a9/vendor-templates/ccd4a13c-a184-4b4e-8bca-a0d930d215e8DELETE https://<NSX-T IP Address>/api/v1/serviceinsertion/services/daf49ee7-45b9-435a-918f-e46bddab99a9/vendor-templates/a3adde3f-b3d1-4a5a-b646-0675c90d072f -
Using the Service Definition ID, delete the Service Definition.
"DELETE https://<NSX-T IP Address>/api/v1/serviceinsertion/services/<Service Definition ID>"
Example:
DELETE https://<NSX-T IP Address>/api/v1/serviceinsertion/services/daf49ee7-45b9-435a-918f-e46bddab99a9
C. Deleting the Service Manager
-
Get the Service Manager ID.
"GET https://<NSX-T IP Address>/api/v1/serviceinsertion/service-managers"
Sample Output:
"GET https://<NSX-T IP Address>/api/v1/serviceinsertion/service-managers" // result of GET https://<NSX-T IP Address>/api/v1/serviceinsertion/service-managers { "results": [ { "vendor_id": "Trend Micro", "server": "10.209.84.168", "port": 4119, "uri": "/rest/vmware/2.0/nsx-notifications", "thumbprint": "75:38:83:a3:fe:ce:b6:4b:5a:a2:46:c8:ae:99:96:14:e2:f3:60:a1:18:76:c5:b8:c0:6f:fd:2f:f1:1c:9f:ac", "authentication_scheme": { "scheme_name": "BASIC_AUTH", "username": "T0" }, "service_ids": [ { "target_id": "daf49ee7-45b9-435a-918f-e46bddab99a9", "target_display_name": "Trend Micro Deep Security", "target_type": "ServiceDefinition" } ], "resource_type": "ServiceManager", "id": "55b8e578-f838-47cd-aec0-90704fc86ad6", "display_name": "Deep Security Service Manager", "_system_owned": false, "_create_time": 1696228264549, "_create_user": "admin", "_last_modified_time": 1696228264549, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1 }In this example, the Service Manager ID is 55b8e578-f838-47cd-aec0-90704fc86ad6.
-
Using the Service Manager ID from Step C.1, delete the Service Manager.
"DELETE https://<NSX-T IP Address>/api/v1/serviceinsertion/service-managers/<Service Manager ID>"
Example:
DELETE https://<NSX-T IP Address>/api/v1/serviceinsertion/service-managers/55b8e578-f838-47cd-aec0-90704fc86ad6
D. Delete the service reference ID
- Using the Service Reference ID in Step 1, delete the Service Reference.
"DELETE https://<NSX-T IP Address>/policy/api/v1/infra/service-references/<Service Reference ID>"
Example:
DELETE https://<NSX-T IP Address>/policy/api/v1/infra/service-references/333f95bf-399a-481f-bc0b-19b44d676a57
Once done, go back to the Deep Security Manager Console to re-add the vCenter connector with NSX-T binding and reconfigure the endpoint and network protection.