Hi,
Hopefully a straightforward query. Can Identity Firewall be used in conjunction with a cross vcentre NSX deployment?. In the cross vcentre design guide I have done a check and anything relating to identity firewall is not mentioned. This probably gives me my answer, but actually if its not possible due to constraints with the universal DFW, could it be use with local DFW policy in a secondary NSX site - so could the secondary NSX manager support this?
Thanks in advance
I have actually set this up in a production environment with three NSX Managers (one for server workloads and two for Horizon View) and it works perfectly. However, the identity of logged in users cannot (as far as I can tell) propagate to other NSX Managers in the environment. So it will work, but only for the local NSX Manager.
Technically this should be possible , having site specific IDFW with a supported topology Identity Firewall Tested and Supported Configurations irrespective of the NSX manager roles
I have actually set this up in a production environment with three NSX Managers (one for server workloads and two for Horizon View) and it works perfectly. However, the identity of logged in users cannot (as far as I can tell) propagate to other NSX Managers in the environment. So it will work, but only for the local NSX Manager.