The NSX Manager is the centralized management component of NSX, and runs as a virtual appliance on an ESX host.

VMware recommends that you install NSX Manager on a dedicated management cluster separate from the cluster(s) that NSX Manager manages. Each NSX Manager manages a single vCenter Server environment. The NSX Manager requires connectivity to the vCenter Server, ESXi host, and NSX Edge instances, vShield Endpoint module, and NSX Data Security virtual machine. NSX components can communicate over routed connections as well as different LANs.

The NSX Manager should be run on an ESX host that is not affected by downtime, such as frequent reboots or maintenance mode operations. You can use HA or DRS to increase the resilience of the NSX Manager. If the ESX host on which the NSX Manager resides is expected to require downtime, vMotion the NSX Manager virtual appliance to another ESX host. Thus, more than one ESX host is recommended.

Ensure that the following ports are open:

Port 443/TCP from, to, and among the ESX host, the vCenter Server, and NSX Data Security

443/TCP from the REST client to NSX Manager for using REST API calls

80/TCP and 443/TCP for using the NSX Manager user interface and initiating connection to the vSphere SDK