If you haven't checked out the VMware NSX Micro-segmentation: Day 1 Guide, it's a great resource. As a customer (before joining VMware), I found the best bang for your buck is using the DFW with Dynamic Security Groups. It's an easy transition from traditional ip based objects/groups but gives you all the benefits of using dynamic security groups. Service composer requires more effort up front but is beneficial when you have a lot of repetitive policies. A great example of this can be seen here Using NSX Service Composer to create a more elegant ruleset | nsxperts.com.
Hope this Helps!
Thank you! It helped me a lot!