VMware VSHIELD MANAGER 4.1 - API Instrukcja Konfiguracji

vShield Quick Start GuidevShield Manager 5.0.1vShield App 5.0.1vShield Edge 5.0.1vShield Endpoint 5.0.1This document supports the version of each prod

vShield EndpointvShield Endpoint offloads antivirus and anti-malware agent processing to a dedicated secure virtual appliancedelivered by VMware partn

nIsolating and Protecting Internal Networks on page 11You can use a vShield Edge to isolate an internal network from the external network. A vShield E

Protecting Virtual Machines in a ClusterYou can use vShield App to protect virtual machines in a cluster.In Figure 1-3, vShield App instances are inst

Preparing for Installation 2This chapter introduces tan overview of the prerequisites for successful vShield installation.This chapter includes the fo

For vShield Endpoint and vShield Data Security, you must upgrade your virtual machines to hardwareversion 7 or 8 and install VMware Tools 8.6.0 releas

Preparing Virtual Machines for vShield ProtectionYou must determine how to protect your virtual machines with vShield. As a best practise, you should

nCommand Line Interface on page 16You can access the vShield Manager, vShield App, and vShield Edge virtual appliances by using acommand line interfac

Installing the vShield Manager 3VMware vShield provides firewall protection, traffic analysis, and network perimeter services to protect yourvCenter S

Install the vShield Manager Virtual ApplianceYou can install the vShield Manager virtual machine on an ESX host in a cluster configured with DRS.With

4 Run the setup command to open the CLI setup wizard.The CLI setup wizard guides you through IP address assignment for the vShield Manager’s managemen

vShield Quick Start Guide2 VMware, Inc.You can find the most up-to-date technical documentation on the VMware Web site at:http://www.vmware.com/supp

Synchronize the vShield Manager with the vCenter ServerSynchronize with your vCenter Server to display your VMware Infrastructure inventory in the vSh

Change the Password of the vShield Manager User Interface DefaultAccountYou can change the password of the admin account to harden access to your vShi

vShield Quick Start Guide22 VMware, Inc.

Installing vShield Edge, vShield App,vShield Endpoint, and vShield DataSecurity 4After the vShield Manager is installed, you can obtain licenses to ac

Install vShield Component LicensesYou must install licenses for vShield Edge, vShield App, and vShield Endpoint before installing thesecomponents. You

Option DescriptionNetmaskType the IP subnet mask associated with the assigned IP address.Default GatewayType the IP address of the default network gat

c Check that a DVFilter entry appears in the Incoming Connections under the Firewall panel. If noDVFilter entry appears, click Refresh.nCreate a host

7 Under Network Interfaces, enter the following information.Option DescriptionExternalPort GroupSelect the external port group in the vDS. This port g

The vShield Endpoint host component adds two firewall rules to the ESX host:nThe vShield-Endpoint-Mux rule opens ports 48651 to port 48666 for communi

Procedure1 Log in to the vSphere Client.2 Select an ESX host from the inventory tree.3 Click the vShield tab.4 Click Install next to vShield Data Secu

ContentsAbout this Book 5 1Introduction to vShield 7vShield Components at a Glance 7Deployment Scenarios 10 2Preparing for Installation 13System Requi

vShield Quick Start Guide30 VMware, Inc.

Uninstalling vShield Components 5This chapter details the steps required to uninstall vShield components from your vCenter inventory.This chapter incl

2 Go to View > Inventory > Networking.3 Click the Edge tab.4 Click Uninstall.Uninstall a vShield Data Security Virtual MachineAfter you uninstal

Upgrading vShield 6To upgrade vShield, you must first upgrade the vShield Manager, then update the other components for whichyou have a license.This c

9 Click Confirm Install.The upgrade process reboots vShield Manager, so you might lose connectivity to the vShield Manageruser interface. None of the

In compatibility mode, the default firewall policy is applied only on the internal interface. All traffic in in/outdirection on external and VPN inter

Upgrade vShield Data SecurityUpgrade vShield Data Security on each host in your datacenter. It is recommended that you upgrade vShieldEndpoint before

vShield Installation Fails 7Installing vShield App results in an error.ProblemWhen a vShield App installation fails, you receive a prompt to uninstall

vShield Quick Start Guide38 VMware, Inc.

IndexCchanging the GUI password 21CLIconfiguring vShield Manager networksettings 18hardening 16client requirements 13cluster protection 12communi

Index 39vShield Quick Start Guide4 VMware, Inc.

vShield App 8vShield Edge 9vShield Endpoint 10vShield Manager 8vShield Appabout 8common deployments 12installation 24licensing 24uninstall 31

About this BookThis manual, the vShield Quick Start Guide, describes how to install and configure the VMware®vShield™system by using the vShield Manag

Services provides offerings to help you assess, plan, build, and manage yourvirtual environment. To access information about education classes,certifi

Introduction to vShield 1This chapter introduces the VMware® vShield™ components you install.This chapter includes the following topics:n“vShield Comp

nvShield Edge on page 9vShield Edge provides network edge security and gateway services to isolate the virtual machines in aport group, vDS port group

vShield EdgevShield Edge provides network edge security and gateway services to isolate the virtual machines in a portgroup, vDS port group, or Cisco