VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Manuel d'utilisateur télécharger pdf (Page 25)

VMware, Inc. 25

Chapter 4 Installing vShield Edge, vShield App, and vShield Endpoint

7 SelectthevShieldEdgePortGroupIsolationHostPreparationcheckbox.

8 SelecttheDatastoreonwhichtostorethePortGroupIsolationservicefiles.

9 SelectthevShieldEndpointcheckbox.

10 ClickInstallatthetopoftheform.

YoucanfollowthevShieldAppinstallationstepsfromtheRecentTaskspaneofthevSphereClientscreen.

11 Afterinstallationofallcomponentsiscomplete,dothefollowing:

 vShieldApp:Atthispoint,vShieldAppinstallationiscomplete.GotothevShieldApp>App

Firewalltabatthedatacenter,cluster,orportgroupcontainerleveltoconfigurefirewallrules.Each

vShieldAppinheritsglobalfirewallrulessetinthevShieldManager.Thedefaultfirewallruleset

allows

alltraffictopass.Youmustconfigureblockingrulestoexplicitlyblocktraffic.Toconfigure

AppFirewallrules,seethevShieldAdministrationGuide.

 PortGroupIsolation:YoumustenablethePortGroupIsolationfeatureoneachvDS.After

enablementiscomplete,installavShieldEdgeoneachvDSportgroup.See“PrepareavNetworkfor

PortGroupIsolation”onpage 25.

 vShieldEndpoint:Tocompleteinstallation,see“InstallingvShieldEndpoint”onpage 27.

Prepare a vNetwork for Port Group Isolation

PortGroupIsolationcreatesabarrierbetweenthevirtualmachinesprotectedbyavShieldEdgeandthe

externalnetwork.WhenyouenablePortGroupIsolationandinstallavShieldEdgeonavDSportgroup,you

isolateeachsecuredvDSportgroupfromtheexternalnetwork.WhenPortGroupIsolationis

enabled,traffic

isnotallowedaccesstothevirtualmachinesinthesecuredportgroupunlessNATrulesorVLANtagsare

configured.

To utilize Port Group Isolation

1InstallPortGroupIsolationoneachESXhost.

2EnablePortGroupIsolationoneachvDS.

3InstallavShieldEdgeoneachvDSportgroupyouplantosecure.

4Move

virtualmachinestosecuredvDSportgroups.

EnablingPortGroupIsolationoneachvDSwhereyouwillinstallavShieldEdgeallowsthePortGroup

IsolationservicetobeusedonanyportgroupinavDS.

To enable Port Group Isolation on a vDS

1LogintothevSphereClient.

2GotoView>Inventory>Networking.

3Right‐

clickavDS.

4 SelectvShield>EnableIsolation.

AbrowserwindowopenstoconfirmthatPortGroupIsolationhasbeenenabled.

AfterPortGroupIsolationinstallationiscomplete,installavShieldEdgeinstanceoneachvDSportgroup.

OTEPortGroupIsolationisanoptionalfeaturethatisnotrequiredforvShieldEdgeoperation.PortGroup

IsolationisavailableforvDS‐basedvShieldEdgeinstallationsonly.

1 2 ... 20 21 22 23 24 25 26 27 28 29 30

Commentaires sur ces manuels

Pas de commentaire

VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Manuel d'utilisateur Page 25

Commentaires sur ces manuels

Produits connexes et manuels pour Manuels des logiciels VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API