Add a VMware vCenter

You can import a VMware vCenter into Deep Security Manager and then protect its virtual machines with an agent.

If you are using Deep Security in FIPS mode, follow the instructions in Add a vCenter when Deep Security Manager is in FIPS mode instead.

You cannot import a vCenter that is using vShield Manager.

  1. In Deep Security Manager, go to Computers > New > Add > Add VMware vCenter.
  2. Enter the vCenter Server IP Address (or hostname if DNS is configured and able to resolve FQDN to IP addresses), port number to connect to the vCenter, and the user name and password for the vCenter. Click Next.
  3. Accept the vCenter SSL certificate.
  4. Enter the NSX Manager information and click Next.
  5. Accept the SSL certificate.
  6. Review the vCenter information and click Finish.
  7. The VMware vCenter has been successfully added message will be displayed. Click Close.The vCenter will appear on the Computers page.

    If you select Create an Event Based task to automatically activate VMs added to protected NSX Security Groups in this vCenter when adding the vCenter, Deep Security Manager will create two event-based tasks. One activates VMs when protection is added and the other deactivates VMs when protection is removed.

When Deep Security Manager adds the vCenter to its inventory, it also registers the Deep Security service within NSX Manager. This permits the deployment of the Deep Security service to the ESXi servers.

In a large environment with more than 3000 machines reporting to a vCenter Server, this process may take 20 to 30 minutes to complete. You can check the vCenter's Recent Task section to verify if there are activities running.

Deep Security Manager will maintain real-time synchronization with this VMware vCenter to keep the information displayed in Deep Security Manager (number of VMs, their status, etc.) up to date.

Add a vCenter when Deep Security Manager is in FIPS mode

If you are using Deep Security in FIPS mode, you must import the vCenter SSL certificates into Deep Security Manager before adding the vCenter to the manager. See Manage trusted certificates.
  1. In Deep Security Manager, go to Computers > New > Add Add VMware vCenter.
  2. Enter the vCenter Server IP Address (or hostname if DNS is configured and able to resolve FQDN to IP addresses), port number to connect to the vCenter, and the username and password for the vCenter. In the Trusted Certificate section, click Test Connection to check whether the vCenter's SSL certificate has been imported successfully into Deep Security Manager. If there are no errors, click Next.
  3. The NSX configuration fields are disabled because agentless protection is not supported with FIPS mode. Click Next.
  4. Review the vCenter information and click Finish.
  5. The VMware vCenter has been successfully added message will be displayed. Click Close.The vCenter will appear on the Computers page.

In a large environment with more than 3000 machines reporting to a vCenter Server, this process may take 20 to 30 minutes to complete. You can check the vCenter's Recent Task section to verify if there are activities running.

Deep Security Manager will maintain real-time synchronization with this VMware vCenter to keep the information displayed in Deep Security Manager (number of VMs, their status, etc.) up to date.