Which tool is used to detect rogue services?
A.
NSX Logical Firewall
B.
NSX Logical Router
C.
Activity Monitoring
D.
Flow Monitoring
Which tool is used to detect rogue services?
Which tool is used to detect rogue services?
A.
NSX Logical Firewall
B.
NSX Logical Router
C.
Activity Monitoring
D.
Flow Monitoring
D. Flow Monitoring
Disagree. Activity monitoring provides visibility into all DC applications and helps to identify rogue apps.
D. Flow Monitoring can thus be used as a forensic tool to detect rogue services and examine outbound sessions.
https://pubs.vmware.com/NSX-6/index.jsp#com.vmware.nsx.admin.doc/GUID-86609A0C-00DA-45CC-A5C6-068687D0937B.html?resultof=%2522%2572%256f%2567%2575%2565%2522%2520%2522%2572%256f%2567%2575%2522%2520
D is correct.
Flow Monitoring is a traffic analysis tool that provides a detailed view of the traffic to and from protected
virtual machines. When flow monitoring is enabled, its output defines which machines are exchanging data
and over which application. This data includes the number of sessions and packets transmitted per session.
Session details include sources, destinations, applications, and ports being used. Session details can be used
to create firewall allow or block rules.
You can view TCP and UDP connections to and from a selected vNIC. You can also exclude flows by
specifying filters.
Flow Monitoring can thus be used as a forensic tool to detect rogue services and examine outbound
sessions.