< Back
New-NsxSecurityPolicyGuestIntrospectionSpec
Post
NAME New-NsxSecurityPolicyGuestIntrospectionSpec
SYNOPSIS
Creates a Security Policy Guest Introspection Rule spec approriate for use in
New-NsxSecurityPolicy or Add-NsxSecurityPolicyGuestIntrospectionRule.
SYNTAX
New-NsxSecurityPolicyGuestIntrospectionSpec [-Name <String>] [-Description <String>] [-Disabled] [-Enforced]
-ServiceDefinition <XmlElement> [-ServiceProfile <XmlElement>] [-Connection <PSObject>] [<CommonParameters>]
New-NsxSecurityPolicyGuestIntrospectionSpec [-Name <String>] [-Description <String>] [-Disabled] [-Enforced]
-ServiceType <String> [-Connection <PSObject>] [<CommonParameters>]
DESCRIPTION
This cmdlet does not actually communicate with the NSX API, but merely
constructs the appropriate XML element to define a single guest
introspection rule that can subsequently be used in the
New-NsxSecurityPolicy and Add-NsxSecurityPolicyRule cmdlets.
It can operate in one of two modes.
Mode 1 (action apply) - Allows the creation of a guest introspection rule
that applies a preconfigured Service Definition and optional Service Profile.
Apply mode is typically used to apply guest introspection rules associated
with third party solutions integrated with NSX.
Mode 2 (action block) - Allows the creation of a guest introspection rule
that blocks based on AV, Vulnerability Management, or File Integrity
Monitoring.
PARAMETERS
-Name <String>
Name of the newly created GI rule.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Description <String>
Description of the newly created rule.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Disabled [<SwitchParameter>]
Create the rule as disabled.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Enforced [<SwitchParameter>]
Create the rule as Enforced (Rule is not enforced by default as per UI default)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-ServiceType <String>
Service Type of the Block rule. Accepts AntiVirus, VulnerabilityManagement or FileIntegrityMonitoring
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ServiceDefinition <XmlElement>
Service Definition object as retrieved using Get-NsxServiceDefinition (as defined in Service Definitions
section of the NSX UI).
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ServiceProfile <XmlElement>
Service Profile object as retrieved using Get-NsxServiceProfile (as defined in Service Profile section of a
specific Service Definition in the NSX UI).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Connection <PSObject>
PowerNSX Connection object
Required? false
Position? named
Default value $defaultNSXConnection
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>$gispec = New-NsxSecurityPolicyGuestIntrospectionSpec -ServiceType AntiVirus -description "AV GI Rule"
Create a new Guest Introspection 'Block' AntiVirus rule.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>$gispec = New-NsxSecurityPolicyGuestIntrospectionSpec -ServiceType AntiVirus -description "AV GI Rule"
Create a new Guest Introspection 'Block' AntiVirus rule.
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>$sd = Get-NsxServiceDefinition "ServiceDefinition"
PS C:\\> $sp = $sd | Get-NsxServiceProfile "Profile1"
PS C:\\> $gispec = New-NsxSecurityPolicyGuestIntrospectionSpec -ServiceDefinition $sd -ServiceProfile $sp -name
GIRule-Profile1 -description "Custom GI Rule"
Create a new Guest Introspection 'Apply' rule based on a Service Definition called ServiceDefinition1, and Service
Profile Profile1
RELATED LINKS
SYNOPSIS
Creates a Security Policy Guest Introspection Rule spec approriate for use in
New-NsxSecurityPolicy or Add-NsxSecurityPolicyGuestIntrospectionRule.
SYNTAX
New-NsxSecurityPolicyGuestIntrospectionSpec [-Name <String>] [-Description <String>] [-Disabled] [-Enforced]
-ServiceDefinition <XmlElement> [-ServiceProfile <XmlElement>] [-Connection <PSObject>] [<CommonParameters>]
New-NsxSecurityPolicyGuestIntrospectionSpec [-Name <String>] [-Description <String>] [-Disabled] [-Enforced]
-ServiceType <String> [-Connection <PSObject>] [<CommonParameters>]
DESCRIPTION
This cmdlet does not actually communicate with the NSX API, but merely
constructs the appropriate XML element to define a single guest
introspection rule that can subsequently be used in the
New-NsxSecurityPolicy and Add-NsxSecurityPolicyRule cmdlets.
It can operate in one of two modes.
Mode 1 (action apply) - Allows the creation of a guest introspection rule
that applies a preconfigured Service Definition and optional Service Profile.
Apply mode is typically used to apply guest introspection rules associated
with third party solutions integrated with NSX.
Mode 2 (action block) - Allows the creation of a guest introspection rule
that blocks based on AV, Vulnerability Management, or File Integrity
Monitoring.
PARAMETERS
-Name <String>
Name of the newly created GI rule.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Description <String>
Description of the newly created rule.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Disabled [<SwitchParameter>]
Create the rule as disabled.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Enforced [<SwitchParameter>]
Create the rule as Enforced (Rule is not enforced by default as per UI default)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-ServiceType <String>
Service Type of the Block rule. Accepts AntiVirus, VulnerabilityManagement or FileIntegrityMonitoring
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ServiceDefinition <XmlElement>
Service Definition object as retrieved using Get-NsxServiceDefinition (as defined in Service Definitions
section of the NSX UI).
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ServiceProfile <XmlElement>
Service Profile object as retrieved using Get-NsxServiceProfile (as defined in Service Profile section of a
specific Service Definition in the NSX UI).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Connection <PSObject>
PowerNSX Connection object
Required? false
Position? named
Default value $defaultNSXConnection
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>$gispec = New-NsxSecurityPolicyGuestIntrospectionSpec -ServiceType AntiVirus -description "AV GI Rule"
Create a new Guest Introspection 'Block' AntiVirus rule.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>$gispec = New-NsxSecurityPolicyGuestIntrospectionSpec -ServiceType AntiVirus -description "AV GI Rule"
Create a new Guest Introspection 'Block' AntiVirus rule.
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>$sd = Get-NsxServiceDefinition "ServiceDefinition"
PS C:\\> $sp = $sd | Get-NsxServiceProfile "Profile1"
PS C:\\> $gispec = New-NsxSecurityPolicyGuestIntrospectionSpec -ServiceDefinition $sd -ServiceProfile $sp -name
GIRule-Profile1 -description "Custom GI Rule"
Create a new Guest Introspection 'Apply' rule based on a Service Definition called ServiceDefinition1, and Service
Profile Profile1
RELATED LINKS