Create Service Chain and NSX-T Group

You need to create a VMware NSX-T group and a service chain to redirect network traffic to GigaVUE Cloud Suite.

  • The VMware NSX-T group defines which virtual machines (VMs) are monitored.

  • The service chain links the group to GigaVUE Cloud Suite using a service profile.

Create Service Chain

Using the instructions given below, you can create a service chain that defines traffic redirection for selected VMs. For details on creating security policies, refer to the Service Composer chapter of the NSX Administration Guide in the VMware documentation.

To create the service chain in VMware NSX-T,

  1. In the VMware NSX Manager, go to Security > Settings >Network Introspection.
  2. Go to the SERVICE CHAINS tab and select.ADD CHAIN.
  3. On the New Service Chain, perform the following:
    1. In the Name and Description fields, enter a name and description for the service chain, respectively.
    2. For Service Segments, select a service segment.
    3. Select Forward Path.
    4. On the Set Forward Path dialog box, select a Service Profile for Forward Path.
    5. For Reverse Path, select or deselect the Inverse Forward Path to define traffic direction.
    6. For Failure Policy, specify whether to allow or block the service chain.
  4. Select Save.

A Service Chain is created.

Create Group

You need to create a group to forward NSX-T network traffic to the GigaVUE Cloud Suite.

To create the group, do the following in the NSX-T:

  1. In the VMware NSX manager, select Inventory > Groups.
  2. On the Groups page, select ADD GROUP.
  3. On the New Group page, enter or select the values as follows.
    1. Enter a name for the new group.
    2. Select Set Members.
      The Select Members dialog box appears.
  4. Select Save.
    A group is created and appears on the Groups page. Add the description and define group membership using Membership Criteria, Members, IP/MAC Addresses, or AD Groups.

Create and Publish a Policy

A Policy is a set of rules defined to filter the traffic. You need to create a policy to define how traffic flows from the selected VMs to the configured tunnel endpoint.

To create and publish a policy in NSX-T:

  1. In the VMware NSX manager, select Security > Service Chain Management > Network Introspection (E-W).
  2. Select ADD POLICY.
  3. On the New Policy, enter or select the values as follows:
    1. Enter a name for the policy.
    2. Select the Sources of the traffic.
    3. Select the Destinations of the traffic.
    4. Select the Services for the traffic.
    5. For the Applied To field, select the appropriate groups.

      Points to Note:

      • When using the same NSX-T manager to create multiple Monitoring Domains, if you prefer to associate a single vCenter with each Monitoring Domain, ensure that you select only the members of the vCenter related to that specific Monitoring Domain.
      • All the workload VMs from the vCenters that are selected in the Applied To group sends traffic to theGigaVUE V Series Node. Ensure to select only the workload VMs from the vCenters that are associated with the Monitoring Domain, else the GigaVUE V Series Node receives traffic from the vCenters that are not associated with the Monitoring Domain.
    6. On the Action field, specify whether to redirect the traffic or not.
  4. Select Publish.

On publishing the rule or policy, you can view the traffic flow from the GigaVUE V Series Nodes to the tunnel endpoint.