In my setup I have installed vShield App 5.0.1-556798 on an ESXi host of the cluster. Then I created a vSwitch with no physical NICs attached. On that vSwitch I have two VMs connected, and both are on the same port group under that vSwitch. Now I am intending to block SSH from one VM to the other by applying a High Precedence L3 deny rule at the datacenter level. I can see the datacenter-level rules are inherited by the virtual NICs of both VMs. By default, all traffic is allowed; I am only trying to block SSH between the two VMs.
But the vShield App firewall rules are ineffective and are not blocking the SSH traffic from one VM to the other. Is there any setting/step which I am missing? Also, I can see it is showing that my VMs are still unprotected. Also, I am attaching screenshots on vShield App rule...