VMware on AWS - How to restore NSX DFW firewall rules to previous state
Customers who uses NSX day-in, day-out would like to have a point-in time restore functionality of DFW firewall rules. Many customer have a large footprints in VMC and make changes to DFW quite often. This feature was missing for long time and we could see its included in recent versions . Let's see how DFW configuration roll back works NSX DFW configuration has versioning, and it is stored in the NSX Manager. Every time when someone update DFW configuration, NSX creates one more version but keep storing the previous ones. You can rollback for previous config but reapplying it once again. You can find the options under Networking & Security tab , > Security > Distributed Firewall . In the right side we see an Actions drop down. Choose View to get to the below screen. Let’s go through the use case: 1. Original state- default config with no custom rules: a. There are no saved configurations during last 30 days: In my existing test setup, with the current setting
