< Back
Remove-NsxSecurityPolicyRuleService
Post
NAME Remove-NsxSecurityPolicyRuleService
SYNOPSIS
Modifies the configuration of an existing Security Policy Firewall or
Network Introspection Rule to remove a service.
Note: If the service to be removed is the last one defined, then the
matching service for the rule becomes ANY.
SYNTAX
Remove-NsxSecurityPolicyRuleService [-Rule] <XmlElement> [-Service] <XmlElement[]> [-NoConfirm]
[-NoConfirmOnLastServiceRemoval] [[-Connection] <PSObject>] [<CommonParameters>]
DESCRIPTION
A security policy is a policy construct that can define one or more rules in
several different categories, that can then be applied to an arbitrary
number of Security Groups in order to enforce the defined policy.
The three categories of rules that can be included in a Security Policy are:
- Guest Introspection - data security, anti-virus, and vulnerability
management and rules based on third party Guest Introspection capability.
- Firewall rules - creates appropriate distributed firewall rules when
the policy is applied to a security group.
- Network introspection services - Thirdparty firewall, IPS/IDS etc.
Remove-NsxSecurityPolicyRuleService modifies the configuration of an existing
Security Policy Firewall or Network Introspection Rule to remove a service.
PARAMETERS
-Rule <XmlElement>
Security Policy Rule to reconfigure
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Service <XmlElement[]>
Services(s) to be removed from the specified rule. Depends on currently configured direction of the rule.
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-NoConfirm [<SwitchParameter>]
Disable confirmation prompt
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-NoConfirmOnLastServiceRemoval [<SwitchParameter>]
Disable confirmation prompt for removal of last service - effectively converting rule to match ANY service.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Connection <PSObject>
PowerNSX Connection object
Required? false
Position? 3
Default value $defaultNSXConnection
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>$svc = Get-NsxService -Name AltSsh
Get-NsxSecurityPolicy SecPol01 | Get-NsxSecurityPolicyRule -RuleType Firewall -Name AdminSsh |
Remove-NsxSecurityPolicyRuleservice -Service $svc
Gets the service called AltSsh and removes it from the Firewall rule AdminSsh within the Security Policy SecPol01
RELATED LINKS
SYNOPSIS
Modifies the configuration of an existing Security Policy Firewall or
Network Introspection Rule to remove a service.
Note: If the service to be removed is the last one defined, then the
matching service for the rule becomes ANY.
SYNTAX
Remove-NsxSecurityPolicyRuleService [-Rule] <XmlElement> [-Service] <XmlElement[]> [-NoConfirm]
[-NoConfirmOnLastServiceRemoval] [[-Connection] <PSObject>] [<CommonParameters>]
DESCRIPTION
A security policy is a policy construct that can define one or more rules in
several different categories, that can then be applied to an arbitrary
number of Security Groups in order to enforce the defined policy.
The three categories of rules that can be included in a Security Policy are:
- Guest Introspection - data security, anti-virus, and vulnerability
management and rules based on third party Guest Introspection capability.
- Firewall rules - creates appropriate distributed firewall rules when
the policy is applied to a security group.
- Network introspection services - Thirdparty firewall, IPS/IDS etc.
Remove-NsxSecurityPolicyRuleService modifies the configuration of an existing
Security Policy Firewall or Network Introspection Rule to remove a service.
PARAMETERS
-Rule <XmlElement>
Security Policy Rule to reconfigure
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Service <XmlElement[]>
Services(s) to be removed from the specified rule. Depends on currently configured direction of the rule.
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-NoConfirm [<SwitchParameter>]
Disable confirmation prompt
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-NoConfirmOnLastServiceRemoval [<SwitchParameter>]
Disable confirmation prompt for removal of last service - effectively converting rule to match ANY service.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-Connection <PSObject>
PowerNSX Connection object
Required? false
Position? 3
Default value $defaultNSXConnection
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>$svc = Get-NsxService -Name AltSsh
Get-NsxSecurityPolicy SecPol01 | Get-NsxSecurityPolicyRule -RuleType Firewall -Name AdminSsh |
Remove-NsxSecurityPolicyRuleservice -Service $svc
Gets the service called AltSsh and removes it from the Firewall rule AdminSsh within the Security Policy SecPol01
RELATED LINKS