Thanks to the new version of vShield, we will be able to use a technology called SpoofGuard, that will authorize the IP addresses reported by the VMware Tools of our VMs so that they can communicate with the rest of the network equipment and thus prevent any spoofing of our IP addresses (IP spoofing) in our network.

From the VMware vShield management console, in the left panel “Settings & Reports”, on the “Configuration” > “SpoofGuard”, Click on “Edit” to enable SpoofGuard.

We can enable/disable SpoofGuard and configure its operating method, we can specify that it automatically trusts the IP addresses assigned the first time (recommended, Because if not, we will have to register all the IP addresses of our organization); or we can specify that the method is manual and we have to approve the IP addresses ourselves.

From the “vShield” within our datacenter, on the “SpoofGuard” we will see the protection status, as well as if there are any incidents. We will see the list of virtual machines along with their vNIC and assigned MAC, we will see the IP address that is approved as well as the IP address that SpoofGuard detects at this moment. Here is where we will be able to manually block/approve IP addresses.