Thursday, April 15, 2010

VMware vShield Zones

 vShield Zones: An application layer firewall to protect VMs. Deployment is based on manager and agents VMs hat sits between VMs and vSwitch as shown in the diagram below.

Some of the things you should know about vShield Zones:

  • You will need to download vShield Manager OVF – Open Virtual Format and one vShield agent OVF templates.
  • VMware Wall (firewall) does application-aware traffic analysis and stateful firewall protection by inspecting network traffic and determining access based on a set of rules between unprotected and protected zones.
  • You can install a vShield agent on any vSwitch that homes a physical NIC.
  • 3 Port Groups are created namely, VSprot_vShield-name, VSmgmt_vShield-name, and VSunprot_vShield-name.
  • 40,000 concurrent sessions can be processed.
  • vShield Zone cannot protect the Service Console or VMkernel components

No comments:

Post a Comment