Q1) Not an expert on vShield, but I think "vse" stands for vShield Edge. Google seems to confirm this (also keep in mind that NSX is a combination of Nicira and vShield products, so it makes sense). This would imply that this rule allows all traffic related to the Edge itself to go anywhere.

Q2) Yes, that is correct. As you can see, the default rule is set to allow all traffic from flowing, which is of course basically the same thing as not having a firewall at all (or disabling it).

Hi

Q1) What does vse include it actually?

vse is one of the object under vNIC Group, vse is most likely vShield Edge but it is essentially an object to specify source/destination is the traffic generated by the Edge Gateway

Add an NSX Edge Firewall Rule

Select an object from the drop-down and then make the appropriate selections.

If you select vNIC Group and then select vse, the rule applies to traffic generated by the NSX Edge.

Some of rules in your screenshot are normally created as part of the auto rule configuration

Change Auto Rule Configuration

If auto rule generation is enabled, NSX Edge adds firewall, NAT, and routing routes to enable control traffic to flow for these services. If auto rule generation is not enabled, you must manually add firewall, NAT, and routing configuration to allow control channel traffic for NSX Edge services such as Load Balancing, VPN, etc

Q2) I found there is no traffic impact even if I clicked Disable button. Is that right?

I would say it depends

Some stateful services features are dependent on Firewall such as Load Balancer, NAT

So make sure you don't have any features that dependent on the Firewall services, else those features might not work

and ECMP requires Firewall to be disabled.

Specify Global Configuration

Stateful services such as NAT did not work with ECMP

A vNIC Group of vse in the Edge Firewall configuration refers to any traffic sourced from the Edge itself (syslog, DNS relay etc).