Build, validate, and export NSX Distributed Firewall rule sets. Define rules with sources, destinations, services, and actions — then export as a structured deployment guide.
Your data stays on your device. All rule building runs entirely in your browser — no data is sent to any VirtualBytes server.
Important disclaimer: This tool is a planning aid only. All firewall rules generated here must be reviewed, validated, and tested in a non-production environment before being applied to any live NSX or VCF deployment. Incorrect or incomplete firewall rules can disrupt the VCF management plane, block vCenter, SDDC Manager, or NSX Manager connectivity, and cause cluster-wide outages. Always verify rules against your specific environment, IP addressing, and security policies. VirtualBytes accepts no responsibility for outages, data loss, or security incidents resulting from rules built or applied using this tool.
How to use this tool
Give your policy a name (e.g. "VCF Management Firewall") and optionally load a VCF template to get started
Add rules — describe the source, destination, and service in plain language (IP ranges, names, or just "Any")
Set the action (Allow / Drop / Reject) and add a note explaining why the rule exists
Use the NSX UI Guide tab to follow the step-by-step instructions for entering rules in the NSX Manager interface
Print or copy the Rule Summary to keep beside you while you work in NSX
Security policy name
Category
Load a VCF template
Firewall rules
0 rules
No rules planned yet
Click "Add rule" or load a template above to start planning your firewall policy.