VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Instrukcja Użytkownika Pobierz pdf (Strona 15)

VMware, Inc. 15

Chapter 2 Preparing for Installation

How Do I Isolate a Group of Virtual Machines?

YoucanusevShieldEdgewiththePortGroupIsolationfeatureorVLANstoisolatevirtualmachinesfromthe

externalnetwork.

1InstallPortGroupIsolationoneachESXhostthatavDSspans.

2 CreateaportgrouponthevDS.

3EnablePortGroupIsolationonthevDS.

4InstallavShieldEdgeonthe

portgroup.

5Movethevirtualmachinestotheportgroup.

6ConfigurevShieldEdgeNATrulesfortrafficinandoutoftheportgroup.

vShield Manager Uptime

ThevShieldManagershouldberunonanESXhostthatisnotaffectedbydowntime,suchasfrequentreboots

ormaintenancemodeoperations.YoucanuseHAorDRStoincreasetheresilienceofthevShieldManager.If

theESXhostonwhichthevShieldManagerresidesisexpectedto

requiredowntime,vMotionthevShield

ManagervirtualappliancetoanotherESXhost.Thus,morethanoneESXhostisrecommended.

Communication Between vShield Components

ThemanagementinterfacesofvShieldcomponentsshouldbeplacedinacommonnetwork,suchasthe

vSpheremanagementnetwork.ThevShieldManagerrequiresconnectivitytothevCenterServer,aswellas

allvShieldAppandvShieldEdgeinstances.vShieldcomponentscancommunicateoverroutedconnections

aswellasdifferentLANs.

Hardening Your vShield Virtual Machines

YoucanaccessthevShieldManagerandothervShieldcomponentsbyusingaweb‐baseduserinterface,

commandlineinterface,andRESTAPI.vShieldincludesdefaultlogincredentialsforeachoftheseaccess

options.AfterinstallationofeachvShieldvirtualmachine,youshouldhardenaccessbychangingthedefault

vShield Manager User Interface

YouaccessthevShieldManageruserinterfacebyopeningawebbrowserwindowandnavigatingtotheIP

addressofthevShieldManager’smanagementport.Thedefaultuseraccount,admin,hasglobalaccesstothe

vShieldManager.Afterinitiallogin,youshouldchangethedefaultpasswordoftheadminuseraccount.

See

“ChangethePasswordofthevShieldManagerUserInterfaceDefaultAccount”onpage 20.

Command Line Interface

YoucanaccessthevShieldManager,vShieldApp,andvShieldEdgevirtualappliancesbyusingacommand

lineinterfaceviavSphereClientconsolesession.Eachvirtualapplianceusesthesamedefaultusername

(admin)andpassword(default)combinationasthevShieldManageruserinterface.EnteringEnabledmode

alsousesthe

passworddefault.

FormoreonhardeningtheCLI,seethevShieldAdministrationGuide.

NOTEYoucanalsouseVLANstoisolatevirtualmachinesprotectedbyavShieldEdge.Ifyouuse

VLANs,theinternalportgroupconnectedtoavShieldEdgemusthaveaVLANtagthatisdifferentfrom

theexternalportgroup.

NOTEThevShieldManagermustbeinthesamevCenterServerenvironmentasthevShieldcomponentsto

bemanaged.YoucannotusethevShieldManageracrossdifferentvCenterServerenvironments.

1 2 ... 10 11 12 13 14 15 16 17 18 19 20 ... 29 30

Komentarze do niniejszej Instrukcji

Brak uwag

VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API Instrukcja Użytkownika Strona 15

Komentarze do niniejszej Instrukcji

Powiązane produkty i podręczniki dla Podręczniki do oprogramowania VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API