vCloud Automation Center supports virtualized networks based on the vCloud Networking and Security and NSX platforms. Network and security virtualization allows virtual machines to communicate with each other over physical and virtual networks securely and efficiently.

To integrate network and security with vCloud Automation Center an IaaS administrator must install the vCloud Networking and Security or NSX plug-ins in vCenter Orchestrator and create vCenter Orchestrator and vSphere endpoints.

A fabric administrator can create external network profiles to define existing physical networks, and create templates of NAT, routed, and private network profiles. Network templates define network specifications such as subnet masks, gateway IP addresses, DNS/WINS and DHCP settings, and static IP ranges.

A tenant administrator or business group manager can configure network adapters, load balancing, and security for all components provisioned from a multi-machine blueprint that uses a routed network profile.

A tenant administrator or business group manager can use the templates to define multi-machine service networks. In a multi-machine blueprint, you can configure network adapters and load balancing for all components provisioned from that multi-machine blueprint.

In the multi-machine blueprint, you select a transport zone that identifies the vSphere endpoint. A transport zone specifies the hosts and clusters that can be associated with logical switches created within the zone. A transport zone can span multiple vSphere clusters. The multi-machine blueprint and the reservations used in the provisioning must have the same transport zone setting. Transport zones are defined in the NSX and vCloud Networking and Security environments. See NSX Administration Guide.

If you are using vCloud Automation Center workflows to call vCenter Orchestrator workflows, you must configure the vCenter Orchestrator instance or server as an endpoint.

An IaaS administrator creates an instance of a vSphere endpoint to allow vCloud Automation Center to interact with a vCloud Networking and Security or NSX instance.

Before you use the NSX security policy features from vCloud Automation Center, an administrator must run the Enable security policy support for overlapping subnets workflow in vCenter Orchestrator.

A fabric administrator creates external network profiles and templates for network address translation (NAT), routed, and private network profiles.

An IaaS administrator can use a reservation to assign external networks and routed gateways to network profiles for basic and multi-machine networks, specify the transport zone, and assign security groups to multi-machine components.