I am testing nsx-t 3.0 and deep security agentless. At present,
the VM needs to be added to the group manually to configure it to deep security.
Is there any setting that can automatically add the newly created VM to the group?
One way of doing is to create TAG's on Virtual Machine and give the matching criteria (TAG) in the security group .
There should be a matching criteria to ensure VM will fall under a specific Security Group. Tagging is one way of doing it.
Take a look here: Add a Group
On step 5 it shows how you can add members to a group. After you define the criteria you need the VMs that match that criteria will be part of the group automatically.
If you add a tag to a group the group will be empty if no VMs have that tag, so you have to tag VMs also. Other ways of achieving this is by adding a whole segment or defining VM criteria like their name.
I have tried to add group with name or computer os name, but it didn’t be add to the member and I couldn’t see the policy be assigned on the VM of the deep security manage, unless I manually add VM to member.