VMWORLD SITE

VMWORLD SITE
VMWORLD SITE

Thursday, 14 October 2010

vSheild Thurs 12:00

Wanted to attend the session on Availability and Throughput but it was full (couldn't get there earlier due to 1-1 meeting on SRM and FT)

- vShield Edge protects the perimeter of the virtual data centre
- vShield App and Zones can create virtual secure zones around groups of VMs
- vShield Endpoint offloads guest security activities such as anti virus

Replace physical network zones with vShield?
Claiming vShield can be more secure than physical protection.
Can set physical machine default gateway to be the vShield Appliance
Standard 5 tuple policy approach
Has NAT and IPSEC VPN capabilities
Currently separating VMs means traffic going across external VLANs to external firewalls
vShield App provides firewalls at vNIC level
Robust ability to monitor traffic flowing between VMs as it all goes through the vShield appliance
Multiple trust zones within vSphere clusters
Cheaper than physical firewalls

Now going through use cases, but describing them isn't going to work well here without the diagrams.
Basically demonstrating how existing physical constructs can be migrated to vShield approach

No comments: