Promiscuous mode, if configured to Accept on a port group, will allow all the virtual machine vNICs connected to that port group to see all the traffic on the vSwitch or dvSwitch. Since this is not an advisable configuration, it is set to Reject by default. When set to Reject, the vNICs can only see traffic destined to their MAC address. This mode is usually enabled on a port group with one or more network monitoring VMs, so that they can analyze the traffic on the vSwitch or dvSwitch. Such VMs are configured in a separate port group that sees traffic from a particular subnet it needs to monitor. By doing so, you are enabling promiscuousness on only those network monitoring VMs.

With a dvSwitch, the need for a separated port group can be avoided by overriding the dvPortGroup settings at the dvPort to which the analyzer VM's vNIC is connected.