As vCNS is now deprecated, NSX Manager is the only option.
We've deployed MOVE AV 4 Agentless using NSX Manager and all is working. However i'm trying to understand policy management now.
Is it right to state that the job of enforcing policies onto the SVMs (and thus per-VM policies) is now NSX Manager rather than ePO? And that policy assignment in the ePO system tree is now irrelevant and ignored (in terms of per-VM and SVA policies)?
If I create a policy in ePO, assign it to a bunch of VMs sync'd in the datacenter connector, like we used to in Agentless 3.6, will any of the settings be applied? Or do i have to create an NSX Security Policy - for each per-VM policy - and apply it, via NSX, to the relevant VMs\Clusters?
What if i create a policy in ePO and don't create a security policy for it in NSX?
Just trying to understand.
You would create your SVM policies on ePO as usual. NSX is comes in to play for installation/removal/upgrades of the SVM appliance but policies, scheduling etc are handled by ePO. As you are aware, you can then create tags or apply those on a particular folder where your svms are located.