Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

NSX Security Group Change Event-Based Task in Deep Security Manager 12.0 requires to be created manually for existing vCenter connector on NSX-T

    • Updated:
    • 20 Dec 2019
    • Product/Version:
    • Deep Security 12.0
    • Platform:
    • N/A
Summary
 
If the Deep Security Manager administrator has already enabled the synchronization of Deep Security policies to NSX, you can skip this article. For information on policy synchronization, see Synchronize Deep Security Policies with NSX.

The auto-activation function does not work after upgrading Deep Security Manager (DSM) to version12 FR 2019-12-12 for the existing vCenter connector which was added in DSM 12.0.

Below are the pre-conditions:

  • DSM 12.0 LTS
  • vCenter is registered to NSX-T in DSM12.0
  • Upgrade DSM from 12.0 to 12 FR 2019-12-12 or later versions
Details
Public

The NSX Security Group Change Event-Based Task does not support NSX-T in DSM 12.0 LTS. When upgrading from DSM 12.0 to 12 FR 2019-12-12 or later, no NSX Security Group Change Event-Based Tasks will be created for the existing vCenter connector which was added in DSM 12.0.

As a workaround, you will need to manually add the NSX Security Group Change Event-Based Tasks for activation or deactivation. For more details, refer to Automated Policy Management in NSX Environments.

Below are some examples for the manual creation of Event-Based Tasks.

  1. Go to Administration > Event-Based Tasks.
  2. Click New.
  3. Select the event that this task will be based on.
    On the Event drop-down list, select NSX Security Group Change.

    NSX Security Group Change

  4. Select the action(s) to perform.
    1. Enable the Activate Computer.
    2. Set the Delay activation by (minutes) to "5".
    3. Check the Assign Policy, assigning a Deep Security policy to the virtual machine under this vCenter connector.

    Activate Computer

  5. Specify any match conditions. Apply the conditions as follows:

    Specify any match conditions

  6. Describe the new task. Provide a name for the new task and select Task Enabled.

    Describe the new task

After upgrading to DSM 12.0 FR 2019-10-23 and later version, this event-based task will be auto-created for newly added vCenter connectors. However, this EBT is disabled by default.

If customers would like to set the auto-deactivation task, follow the instructions below.

  1. Go to Administration > Event-Based Tasks.
  2. Click New.
  3. Select the event that this task will be based on.
    On the Event drop-down list, choose NSX Security Group Change.

    Select the event

  4. Select the action(s) to perform by checking Deactivate Computer.

    Deactivate computer

  5. Specify any match condition(s). Apply the conditions as follows:

    Specify any match conditions

  6. Describe the new task. Provide a name for the new task and select Task Enabled.

    Deactivate vCenter

Premium
Internal
Partner
Rating:
Category:
Configure; Troubleshoot
Solution Id:
000152506
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.