VNMC provides a browser-based interface that enables you to configure managed endpoints, perform administrative operational tasks, and define and apply policies and profiles. You can also use the GUI to manage and provision compute and edge firewalls, such as VSGs and ASA 1000Vs.
The following topics provide an overview of the VNMC user interface.
VNMC server is protected by a firewall, the following ports must be enabled:
The default HTTPS URL for logging into the VNMC user interface is https://server-ip-address, where server-ip-address is the IP address assigned to the VNMC server. The IP address is the address for the management port.
If you log in using HTTP, you are automatically redirected to the HTTPS link.
User Interface Components
When you log into VNMC, the user interface is displayed.
VNMC user interface contains the components described in the following table:
Allows you to set inactivity timeout values, obtain product version information, access online help, and provide product feedback.
Provide access to the primary
VNMC components for managing your environment:
Provides navigation to all objects in the VNMC instance.
The navigation pane is displayed on the left side of the screen below the tabs. The objects that are displayed in the navigation pane depend on the selected tab.
Displays information and provides options for the object that is selected in the navigation pane.
The following table provides information about the tabs in the
Table 2 Tabs in the VNMC GUI
Enables you to manage tenants in the current VNMC instance.
A system or server administrator can use this tab to create organizational hierarchies and enable multi-tenant management domains. The organizational hierarchy levels are Tenant > Virtual Data Center > Application > Tier.
Enables you to manage logical resources, such as VSGs, ASA 1000Vs, VSGs, and vCenters.
Resource Management subtabs are:
Enables you to configure service and device policies and profiles, and to assign policies to profiles.
Policy Management subtabs are:
Provides the tools needed for administering VNMC.
Administration subtabs are:
VNMC toolbar displays in the upper-right portion of the user interface. The following table describes the toolbar options:
Table 3 Toolbar Options
Username of the current VNMC session.
Enables you to specify the amount of time that the VNMC session can remain inactive before the session times out. The value that you specify applies to the system from which you logged into VNMC.
Logs you out of the current session.
Provides VNMC version information.
Launches online help for the currently displayed screen.
Allows you to provide feedback on VNMC.
VNMC includes the following aids to assist you in your tasks, whether configuring policies and profiles, troubleshooting faults, or looking for additional information for a particular window or dialog box.
Table 4 VNMC Field Aids
Pause your cursor over a field to view additional information about the field.
Red field or box
Indicates that information is required. If you have entered information and the field remains red, the entry contains an error (such as an incomplete IP address). You can pause your mouse over the field to obtain information about the error.
Two field icons (i and c) provide additional information for the field:
The "i" icon provides additional information for the field.
The "c" icon identifies the feature support for the field. For example, a feature might be supported on ASA 1000Vs but not on VSGs.
Pause your cursor over the icon to view the information.
Fault information and links to fault information are available for each edge and compute firewall in Resource Management.
Navigate to a specific compute or edge firewall to view the object state, number of faults, and severity of faults. The same pane provides links to the relevant fault page.
Context-sensitive online help is available for each VNMC pane and dialog box.
To access help, click Help in the active pane or ? in the active dialog box.
Inactivity Timeout Period
The Preferences dialog box allows you to specify the length of time, from 5 to 60 minutes, that a VNMC session on your current machine can remain inactive before the session is closed. The value that you enter applies to the system that you used to log into VNMC.
Changes with VNMC Installed on Microsoft Hyper-V Server 2012 (Hyper-V Hypervisor)
VNMC can be installed on the VMWare Hypervisor and the Hyper-V Hypervisor. The following table lists some of the VNMC features that are not supported when VNMC is installed on the HyperV Hypervisor.
When doing the following...
This feature is unsupported
Adding a rule to the create the ACL policy
The option to match any one rule is disabled. The only available option is to match all the rules.
The service condition is disabled.
When you are setting source or destination conditions, the VM and User Defined attribute types are not supported.
VM Manager actions are not supported.
Adding an object group
When the attribute type is Network, the attribute name Service is not supported.
The VM attribute type is not supported.
Working with vZones
The option to match any one rule is disabled. The vZone must match all conditions.
The Search tab enables you to search for instances of organizations in VNMC. From the search result, you can expand an organization's hierarchy and launch devices and polices in that organization.
Searching for organization names does not work if the organization names contain special characters.
Do any of the following to launch the Search tab:
Choose Policy Management > Service Policies > root > Search.
Choose Policy Management > Service Profiles > root > Search.
You can perform the Search operation at any level in the organizational hierarchy.
Enter organization names as a *pattern or a regular expression.
The Search feature is case-sensitive. When you enter a name as a regular expression, it can contain regex wildcards such as * , + , ? and so on. For example, "*" will match the previous character zero or more times. Searching myVdc* will return all names that contain "myVd" and "myVDC".
Use the following the guidelines when you enter a pattern:
To fetch organization names starting with "ABC", enter "ABC*".
To fetch organization names ending with "ABC", enter "*ABC".
To fetch organizations names starting with "A" and ending with "BC" but with other characters in between, enter "A*BC".
The search results are displayed in the table.
You can create a clone for an organization, policy, policy set, or profile at a destination of your choice. The hierarchy of an organization's clone or the names of the elements in it cannot be changed. After a clone is created, it cannot be renamed or moved to another location.
Based on the element you want to clone, do one of the following:
To clone an organization, choose Tenant Management > root > tenant > organization.
To clone a policy, policy set, or profile, choose Policy Management > Service Polices > root > tenant > Policies > policy or Policy Management > Service Profiles > root > tenant > Profiles > profile.
Right-click the element to be cloned and choose Clone.