Upgrade the NSX license to Advanced or Enterprise

If you deployed the Deep Security Virtual Appliance onto NSX for vShield Endpoint (free) or NSX Standard Edition, the following Deep Security features are not available:

  • Deep Security firewall
  • Deep Security intrusion prevention
  • Deep Security web reputation

If you want these features, you'll need to upgrade to NSX Advanced Edition or Enterprise Edition, and then redeploy the Deep Security Virtual Appliance. Follow these steps:

As an alternative to upgrading your NSX license, you can deploy Deep Security Agents on your guest VMs to get the above-mentioned features. For details, see the Before you begin section under Deploy the Deep Security Virtual Appliance with NSX.

Step 1: Upgrade to NSX Advanced or Enterprise

  1. In your vSphere Web Client, go to Home > Administration > Licenses.
  2. In the main pane, click Assets, and then click the Solutions button.

  3. Right-click NSX for vSphere and select Assign License.

  4. Click the green + on the left to create a new license.

    A wizard appears, guiding you through the process of adding a license key.

  5. In the wizard, enter the NSX Advanced or Enterprise edition license key and a license name. At the end of the wizrd, click Finished.

    The new license (Advanced or Enterprise) appears in the list on the Assign License page.

  6. Select the new license and click OK.

    The NSX license now in use is Advanced or Enterprise.

Step 2: Remove Deep Security from NSX completely

In order for the new license to take effect, you'll need to remove Deep Security entirely from NSX. To remove the Deep Security from NSX, see Uninstall Deep Security from your NSX environment.

Step 3: Redeploy the Deep Security Virtual Appliance

After completely removing Deep Security from NSX, you'll need to redeploy the Deep Security Virtual Appliance. To redeploy, follow all the steps in Deploy the Deep Security Virtual Appliance with NSX.

You can now use the firewall, intrusion prevention and web reputation features, and you can continue to use the anti-malware and integrity monitoring features, which were available to you previously.