VMware NSX

Dashboard and Browsers	Change Tracking Policy Analysis Risk Dashboard Violations Cleanup
Change Management	Change Management Graphical Policy Real-time Monitoring Accountability - Installed Revisions Display IPv6 objects Create SecureChange ticket from Policy Browser for: • Rule Decommission • Rule Recertification
Policy Analysis	Policy Analysis Object Lookup
Auditing and Reporting	Auditing and Reporting
Topology	Static Topology BGP Dynamic Routes

Real-time monitoring uses device polling.
These features are not supported: unused objects cleanup, offline analysis.
"Applied to" criteria in Policy Analysis is only supported in view mode.
Topology support only includes North-South connectivity and, in topology diagrams, traffic inside a logical switch will be seen as passing logical router.
For Auditing and Reporting, these features are supported: Regulations browser, Policy Browser (formerly Rule Documentation), New Revision report.
Dynamic Topology (BGP dynamic routing) is supported for NSX-T
To conform with recommendations from VMWare, in TOS R21-1 and later, new NSX-T devices are automatically configured with Declarative (Policy) APIs. Devices that were previously added using Imperative APIs will continue to work. In the Device Manager, the name of a device indicates whether the device is configured with a Declarative or Impertitive API.

To convert a device that was previously added using Imperative APIs to Declarative APIs you need to add the device as a new device, and remove or disable the old instance of the device.
In NSX-T Devices, support for dynamic Security Groups based on tags set in the device.