VMware vShield

VMware vShield is a component that adds security by protecting virtual data centers from potential attacks or misuse through a set of security virtual appliances built for VMware vSphere. In this series of articles we will cover the deployment of the products that make it up: vShield Manager, vShield App, vShield App with Data Security, vShield Edge and vShield Endpoint.

vShield Manager

vShield Manager provides centralized management of the vShield components in the network. It is a virtual appliance installed on one of our ESXi hosts (one per vCenter). From its management console we can install, configure and maintain the vShield components.

 

vShield App

vShield App is a hypervisor-level firewall appliance that protects the applications inside our virtual data center from potential network attacks, giving us greater visibility into and control over their communications (at the datacenter, cluster or port group level). It lets us create access rules regardless of the network topology. Flow Monitoring shows network activity between VMs (at the protocol/application level), which we can use to create firewall rules or identify bottlenecks. We can monitor all incoming and outgoing traffic per host, including internal traffic between virtual machines in the same port group. A vShield App is deployed on each host.

 

vShield Data Security

vShield Data Security gives us visibility into the leakage of sensitive information in our company. It presents this in reports, where we can confirm that the information is correctly secured and evaluate compliance with any regulation in the world.

 

vShield Edge

vShield Edge delivers external network security and gateway services to isolate VMs in port groups. It connects isolated networks to the network by providing common services such as DHCP, IPsec VPN, NAT or load balancing. Common scenarios are DMZ environments, extranet VPNs and multi-tenant cloud environments, where vShield Edge provides the perimeter security for virtual datacenters.

 

vShield Endpoint

vShield Endpoint offloads the processing of each agent (antivirus or antimalware) from each VM to a dedicated security appliance on each ESXi host (provided by VMware partners), providing that security at the hypervisor level and significantly reducing the load on each VM and host. It is installed as a module and distributed as a third-party appliance on each ESXi host.

Author

nheobug@bujarra.com
Author of the blog Bujarra.com. Whatever you need, do not hesitate to contact me; I will try to help you whenever I can. Sharing is living ;) . Enjoy the documents!!!

Installing vShield Manager

11 April 2012