Configure NSX-T URL Analysis: Difference between revisions

From Iwan
Jump to: navigation, search
No edit summary
(Fix)
 
(One intermediate revision by one other user not shown)
Line 11: Line 11:
* STEP 05) Review the URL Analysed
* STEP 05) Review the URL Analysed


==STEP 01) Enable URL Analysis on an Edge Cluster==
==STEP 01{{fqm}} Enable URL Analysis on an Edge Cluster==


NSX-T Manager: Security >> URL Analysis >> Settings
NSX-T Manager: Security >> URL Analysis >> Settings
Line 35: Line 35:
<div style="clear:both"></div>
<div style="clear:both"></div>


==STEP 02) Create a context Profile==
==STEP 02{{fqm}} Create a context Profile==
When you click on "set" in the previous screen you can create a contect profile:
When you click on "set" in the previous screen you can create a contect profile:


Line 61: Line 61:
<div style="clear:both"></div>
<div style="clear:both"></div>


==STEP 03) Create a Tier-1 Gateway Firewall Rule==
==STEP 03{{fqm}} Create a Tier&ndash;1 Gateway Firewall Rule==
NSX-T Manager: Security >> Gateway Firewall >> All shared Rules
NSX-T Manager: Security >> Gateway Firewall >> All shared Rules


Line 83: Line 83:
<div style="clear:both"></div>
<div style="clear:both"></div>


==STEP 04) Generate web traffic==
==STEP 04{{fqm}} Generate web traffic==
I have created a "dummy" Virtual Machines with Ubuntu and opened a few websites, and hit a few times on refresh:
I have created a "dummy" Virtual Machines with Ubuntu and opened a few websites, and hit a few times on refresh:


Line 89: Line 89:
<div style="clear:both"></div>
<div style="clear:both"></div>


==STEP 05) Review the URL Analysed==
==STEP 05{{fqm}} Review the URL Analysed==
NSX-T Manager: Security >> Security Overview
NSX-T Manager: Security >> Security Overview



Latest revision as of 06:53, 16 March 2024

NSX-T URL analysis allows you to get insight into what websites are accessed within the organization. These websites are scored so you can review and understand the reputation and risk of the accessed websites. This article will explain to you how to configure URL Analysis.

Deployment Steps

  • STEP 01) Enable URL Analysis on an Edge Cluster
  • STEP 02) Create a context Profile
  • STEP 03) Create a Tier-1 Gateway Firewall Rule
  • STEP 04) Generate web traffic
  • STEP 05) Review the URL Analysed

STEP 01» Enable URL Analysis on an Edge Cluster

NSX-T Manager: Security >> URL Analysis >> Settings

Click on get started:

URL-A-01.png

By default URL Analysis is disabled so I need to enable it on the Edge CLuster:

URL-A-02.png

When I enabled it on the Edge Cluster I need to cinfirm this:

URL-A-03.png

Once confirmed URL Analysis is enabled on the Edge Cluster:

URL-A-04.png

STEP 02» Create a context Profile

When you click on "set" in the previous screen you can create a contect profile:

URL-A-05.png

Give it a name, and click on the attributes to add the attributes:

URL-A-06.png

Add all the attributes available:

URL-A-07.png

After I added the attributes in the contect profiles I can review them:

URL-A-08.png

When I click on "apply" a "1" appears in the profiles column:

URL-A-09.png

STEP 03» Create a Tier–1 Gateway Firewall Rule

NSX-T Manager: Security >> Gateway Firewall >> All shared Rules

Create a (shared) Gateway firewall rule and apply it to the Tier-1 Gateway where the Segments/Virtual Machines are attached to that we want to analyze the URLs from.

URL-A-10.png

NSX-T Manager: Security >> Gateway Firewall >> Gateway SPecific Rules

We can also review the specific Tier-1 Gateway firewall rules for that specific Gateway.

URL-A-11.png

NSX-T Manager: Security >> URL Analysis >> URLs

When we look at the URLs Analyzed section this is still empty:

URL-A-12.png

STEP 04» Generate web traffic

I have created a "dummy" Virtual Machines with Ubuntu and opened a few websites, and hit a few times on refresh:

URL-A-13.png

STEP 05» Review the URL Analysed

NSX-T Manager: Security >> Security Overview

After 15 minutes the browsed URLs are catagorized:

URL-A-14.png

NSX-T Manager: Security >> URL Analysis >> URLs

A closer look will show the reputation and score:

URL-A-15.png

Quality Check

I am always trying to improve the quality of my articles, so if you see any errors, mistakes in this article or you have suggestions for improvement, please contact me, and I will fix this.