VMware VSHIELD MANAGER 4.1 - API Manual de usuario descargar pdf (Pagina 23)

8 Click Install at the top of the form.

You can follow the vShield App installation steps from the Recent Tasks pane of the vSphere Client screen.

9 After installation of all components is complete, do the following:

vShield App: At this point, vShield App installation is complete. Go to the vShield App > App

Firewall tab at the datacenter, cluster, or port group container level to configure firewall rules. Each

vShield App inherits global firewall rules set in the vShield Manager. The default firewall rule set

allows all traffic to pass. You must configure blocking rules to explicitly block traffic. To configure

App Firewall rules, see the vShield Administration Guide.

vShield Endpoint: To complete installation, see “Installing vShield Endpoint,” on page 24.

vShield Data Security: To complete installation, see “Installing vShield Data Security,” on page 25.

Install a vShield Edge

Each vShield Edge virtual appliance has External and Internal network interfaces. The Internal interface

connects to the secured port group and acts as the gateway for all protected virtual machines in the port group.

The subnet assigned to the Internal interface can be RFC 1918 private space. The External interface of the vShield

Edge connects to an uplink port group that has access to a shared corporate network or a service that provides

access layer networking.

Each vShield Edge requires at least one IP address to number the External interface. Multiple external IP

addresses can be configured for Load Balancer, Site-to-Site VPN, and NAT services. The Internal interface can

have a private IP address block that overlaps with other vShield Edge secured port groups.

You can install one vShield Edge per port group, vDS port group, or Cisco

Nexus 1000V.

If DRS and HA are enabled, a vShield Edge will be migrated dynamically.

Procedure

1 Log in to the vSphere Client.

2 Go to View > Inventory > Networking.

3 On a vDS, create a port group.

This port group is the Internal port group.

4 Move a tenant’s guest virtual machines to the Internal port group.

5 Select the new Internal port group.

6 Click the Edge tab.

7 Under Network Interfaces, enter the following information.

Option Description

External

Port Group

Select the external port group in the vDS. This port group homes a physical

NIC and connects to the external network.

IP Address

Type the IP address of the external port group.

Subnet Mask

Type the IP subnet mask associated with the specified external IP address.

Default Gateway

Type the IP address of the default network gateway.

Internal

Port Group

This is the selected internal port group.

IP Address

Type the IP address of the internal port group.

Subnet Mask

Type the IP subnet mask associated with the specified internal IP address.

Chapter 4 Installing vShield Edge, vShield App, vShield Endpoint, and vShield Data Security

VMware, Inc. 23

1 2 ... 18 19 20 21 22 23 24 25 26 27 28 ... 33 34

Comentarios a estos manuales

Sin comentarios

VMware VSHIELD MANAGER 4.1 - API Manual de usuario Pagina 23

Comentarios a estos manuales

Relacionado con productos y manuales para Software VMware VSHIELD MANAGER 4.1 - API