Create Service Chain and NSX-T Group

A VMware NSX-T group and service chain must be created to redirect network traffic to the GigaVUE Cloud Suite. A VMware NSX-T group defines which VMs are to be monitored. The service chain associates the GigaVUE Cloud Suite and maps the profile to the group.

Create Service Chain

The steps presented in this section create a service chain with the source virtual machines defined as the virtual machines in the applied groups. Additional configurations of the service chain are available. For additional details on creating security policies, refer to the “Service Composer” chapter of the NSX Administration Guide in the VMware documentation.

To create the service chain in VMware NSX-T:

  1. Select Security > Settings >Network Introspection and then click SERVICE CHAINS tab.
  2. On the SERVICE CHAINS tab, click ADD CHAIN.
  3. On the New Service Chain, do the following:
    1. In the Name and Description fields, enter a name and description for the service chain, respectively.
    2. For Service Segments, select a service segment.
    3. Click Forward Path and a Set Forward Path dialog box appears.
      • Select a Service Profile for Forward Path.
    4. For the Reverse Path, select or deselect the Inverse Forward Path to define the direction of the traffic.
    5. For Failure Policy, specify whether to allow or block the service chain.
  4. Click Save. A Service Chain is created.

Create Group

A group should be created that contains the VMs to forward NSX-T network traffic to the GigaVUE Cloud Suite.

To create the group, do the following in the NSX-T:

  1. In the VMware NSX manager, select Inventory > Groups. The Groups page appears.
  2. On the Groups page, click ADD GROUP.
  3. On the New Group, enter or select the values as follows.
    1. Enter a name for the new group.
    2. Click Set Members and the Select Members dialog box appears.
  4. Click Save and then a group is created and appears on the Groups page.
    • Add or select Membership Criteria, Members, IP/MAC Addresses, and AD Groups.
    1. Enter the description for the group.

Create and Publish a Policy

A Policy is a set of rules defined to filter the traffic. A Policy is to be created and published for passing the traffic from NSX-T to the configured tunnel endpoint.

To create and publish a policy in NSX-T:

  1. In the VMware NSX manager, select Security > Service Chain Management > Network Introspection (E-W).
  2. Click ADD POLICY.
  3. On the New Policy, enter or select the values as follows:
    1. Enter a name for the policy.
    2. Select the Sources of the traffic.
    3. Select the Destinations of the traffic.
    4. Select the Services for the traffic.
    5. For the Applied To field, select the appropriate groups.

      Points to Note:

      • When using the same NSX-T manager to create multiple Monitoring Domains, if you prefer to associate a single vCenter with each Monitoring Domain, ensure that you select only the members of the vCenter related to that specific Monitoring Domain.
      • All the workload VMs from the vCenters that are selected in the Applied To group will send traffic to the GigaVUE V Series Node. Ensure to select only the workload VMs from the vCenters that are associated with the Monitoring Domain, else the GigaVUE V Series Node will receive traffic from the vCenters that are not associated with the Monitoring Domain.
    6. On the Action field, specify whether to redirect the traffic or not.
  4. Click Publish. On publishing the rule or policy you can view the traffic flow from the GigaVUE V Series Nodes to the tunnel endpoint.