vShield Quick Start Guide
vShield Edge
vShield Edge provides network edge security and gateway services to isolate the virtual machines in a port group, vDS port group, or Cisco® Nexus 1000V. The vShield Edge connects isolated, stub networks to shared (uplink) networks by providing common gateway services such as DHCP, VPN, NAT, and Load Balancing.
Common deployments of vShield Edge include the DMZ, VPN Extranets, and multi‐tenant Cloud environments, where the vShield Edge provides perimeter security for Virtual Datacenters (VDCs).
Standard vShield Edge Services (Including Cloud Director)
Firewall: Supported rules include IP 5‐tuple configuration with IP and port ranges for stateful inspection for TCP, UDP, and ICMP.
Network Address Translation: Separate controls for Source and Destination IP addresses, as well as TCP and UDP port translation.
Dynamic Host Configuration Protocol (DHCP): Configuration of IP pools, gateways, DNS servers, and search domains.
Advanced vShield Edge Services
Site‐to‐Site Virtual Private Network (VPN): Uses standardized IPsec protocol settings to interoperate with all major firewall vendors.
Load Balancing: Simple and dynamically configurable virtual IP addresses and server groups.
vShield Edge supports syslog export for all services to remote servers.
Figure 1-1. vShield Edge Installed to Secure a vDS Port Group
VMware, Inc.