To manage the security of virtual machines in your data center with Deep Security, you need to setup the VMware Service Profile in NSX manager and assign NSX security policy to the NSX security group.
Creating a VMware Service Profile
- On the vSphere Web Client, go to Home > Networking & Security > Service Definitions.
- Select the Trend Micro Deep Security service definition and click Edit settings.
- Click Service Instances under Trend Micro Deep Security.
- Select the Trend Micro Deep Security-Global Instance service listed under Services Instances.
- On the Related Objects tab, click the green plus sign (+) to create a New Service Profile.
- Provide a name for the new profile.
- Leave the other settings at their default values and click OK. The new profile now appears in the service profile list.
- Select the newly created service profile and click Apply to Objects under Actions menu.
- On the Apply to Network Objects window, click Distributed Virtual Port Groups and select all the port groups of the VMs you will protect.
- Click OK to create the Service Profile.
Applying the Security Policy to NSX Security Group
- On your vSphere Web Client, go to Home > Networking & Security > Service Composer.
- Click the Security Policies tab.
- Select your preferred Security Policy and click the Apply Security Policy icon.
- In the Apply Policy to Security Groups window, select the Security Group containing the VMs you want to protect and click OK.
The NSX Security Policy is now applied to the VMs in the NSX Security Group.
You can now activate the VMs in the imported vCenter using your Deep Security Manager console. For more details on using Deep Security in protecting your VMs, refer to the Deep Security User's Guide.