Create Dynamic Address Groups

This section describes ways to create dynamic address groups.
Where Can I Use This?
  • VMware NSX
What Do I Need?
  • VM-Series Firewall License (BYOL)
  • Panorama
  • VM-Series plugin
  • Panorama plugin for NSX
A security group is a logical container that assembles guests across multiple ESXi hosts in the cluster. When you create a Dynamic Address Group that meets the right criteria and commit your changes, a corresponding security group is created on the NSX-T Manager. Creating security groups is required to manage and secure the guests.
For a Dynamic Address Group to become a security group on NSX-T, you must add match criteria to the Dynamic Address Group in the following format: '_nsxt_<dynamic-address-group-name>'. The name in the match criteria must match the Dynamic Address Group name exactly. For example, a Dynamic Address Group called applications must include the match criteria '_nsxt_applications'. Additionally, the Dynamic Address Group must be in a device group that is included in a service definition, the service definition must be part of a service manager, and the configuration must be committed.
Each security group created from a Dynamic Address Group is in the following format: <service-def-name>_<dynamic-address-group-name>. For example, ServiceDef1_applications.
Each Dynamic Address Group you create must have a unique name across each device group configured on your Panorama.
  1. Configure a Dynamic Address Group for each security group required for your deployment.
    1. Select Objects > Address Groups.
    2. Verify that you're configuring the dynamic address groups in a device group associated with an NSX-T service definition.
    3. Click Add and enter a Name and Description for the address group.
    4. Select Type as Dynamic.
    5. Define the match criteria.
      For the Dynamic Address Group to become a security group in NSX-T Manager, the match criteria string must be enclosed in single quotes with the prefix _nsxt_ followed by the exact name of the address group. For example, '_nsxt_PAN_APP_NSX'.
    6. Repeat this process for each security group you require.
  2. Commit your changes.
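A pre-commit check for the rules above, as an added example that is not Palo Alto Networks code and does not call Panorama: it lints a plain dictionary of Dynamic Address Groups and returns the NSX-T security group names to expect after commit. The function name `check_dags`, the dictionary layout, the device group names and `ServiceDef2` are assumptions made for illustration, as is treating only straight ASCII single quotes as valid delimiters.

```python
import re
from collections import defaultdict

PREFIX = "_nsxt_"

def check_dags(device_groups):
    """Lint Dynamic Address Groups held in a plain dict (hypothetical layout):
    {device_group: {"service_def": str | None, "dags": {name: match_criteria}}}
    Returns (expected NSX-T security group names, list of problems)."""
    expected, problems = [], []
    seen = defaultdict(list)  # DAG name -> device groups that define it
    for dg, cfg in device_groups.items():
        for name, criteria in cfg["dags"].items():
            seen[name].append(dg)
            # Assumption: only straight ASCII single quotes delimit a criterion.
            tags = re.findall(r"'([^']*)'", criteria)
            want = PREFIX + name
            if want not in tags:
                near = [t for t in tags if t.startswith(PREFIX)]
                hint = f" (found '{near[0]}'; the name must match exactly)" if near else ""
                problems.append(f"{dg}/{name}: no '{want}' in match criteria{hint}")
            elif not cfg.get("service_def"):
                problems.append(f"{dg}/{name}: device group has no service definition")
            else:
                # Security group name format: <service-def-name>_<dag-name>
                expected.append(f"{cfg['service_def']}_{name}")
    for name, dgs in seen.items():
        if len(dgs) > 1:
            problems.append(f"{name}: name reused in {', '.join(dgs)}")
    return expected, problems

# Constructed sample data; device group names and ServiceDef2 are made up.
SAMPLE = {
    "DG-NSXT-1": {"service_def": "ServiceDef1", "dags": {
        "applications": "'_nsxt_applications'",
        "PAN_APP_NSX": "'_nsxt_pan_app_nsx'",   # case differs from the name
    }},
    "DG-NSXT-2": {"service_def": "ServiceDef2", "dags": {
        "applications": "'_nsxt_applications'",  # duplicate name on this Panorama
        "db": "_nsxt_db",                        # quotes missing
    }},
    "DG-Other": {"service_def": None, "dags": {"dmz": "'_nsxt_dmz'"}},
}

if __name__ == "__main__":
    groups, issues = check_dags(SAMPLE)
    print("Expected security groups:", groups)
    for issue in issues:
        print("PROBLEM:", issue)
```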