vShield Administration Guide, VMware, Inc., page 50
Specify a Remote Syslog Server

You can send vShield Edge events, such as violated firewall rules, to a syslog server.

To specify a remote syslog server

1. In the vSphere Client, go to Inventory > Networking.
2. Select an internal port group that is protected by a vShield Edge.
3. Click the vShield Edge tab.
4. Click the Status link.
5. Under Remote Syslog Servers, place the cursor in the top text box and type the IP address of a remote syslog server.
6. Click Commit to save the configuration.
Managing the vShield Edge Firewall

The vShield Edge provides firewall protection for incoming and outgoing sessions. The default firewall policy allows all traffic to pass. In addition to the default firewall policy, you can configure a set of rules to allow or deny traffic sessions to and from specific sources and destinations. You manage the default firewall policy and the firewall rule set separately for each vShield Edge agent.

You can change the Default Policy from Allow to Deny on a vShield Edge to deny any sessions that do not match any of the current firewall rules. While the default policy is Allow, only explicit DENY rules restrict traffic; once it is Deny, the rule set becomes an allow list, so add ALLOW rules for every session the protected port group needs (including the full port ranges of dynamic services) before committing the change.
Create a vShield Edge Firewall Rule

vShield Edge firewall rules police traffic based on the following criteria:

Source IP: IP address from which the communication originated.
Source Port: Port or range of ports from which the communication originated. To enter a port range, separate the low and high end of the range with a colon. For example, 1000:1100.
Destination IP: IP address which the communication is targeting.
Destination Port: Port or range of ports which the communication is targeting. To enter a port range, separate the low and high end of the range with a colon. For example, 1000:1100.
Protocol: Transport protocol used for communication.
Direction: Direction of transmission. Options are IN, OUT, or BOTH.
Action: Action to enforce on transmission. Options are ALLOW or DENY. The default action on all traffic is ALLOW.

You can add destination and source port ranges to a rule for dynamic services such as FTP and RPC, which require multiple ports to complete a transmission. If you do not allow all of the ports that must be opened for a transmission, the transmission is blocked.

To create a vShield Edge firewall rule

1. In the vSphere Client, go to Inventory > Networking.
2. Select an internal port group that is protected by a vShield Edge.
3. Click the vShield Edge tab.
4. Click the Firewall link.
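As an added illustration (not code from the guide or from VMware), the following Python model applies the rule criteria listed above (source and destination IP and port, protocol, direction, action) together with the Edge's default policy to constructed sessions, and shows why an incomplete port range for a dynamic service such as FTP gets a transmission blocked. The "any" wildcard, CIDR matching for IP fields and first-match rule ordering are assumptions of this example that the page does not specify; the FTP server address, client address and port ranges are constructed sample data.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List

# Assumptions of this illustration: "any" as a wildcard, CIDR matching for IP
# fields, and the first matching rule deciding the action. The guide does not
# describe vShield Edge's internal rule ordering.
ANY = "any"


def parse_ports(spec: str) -> range:
    """Parse a single port ('21') or a colon-separated range ('1000:1100')."""
    if spec == ANY:
        return range(1, 65536)
    lo_s, _, hi_s = spec.partition(":")
    lo = int(lo_s)
    hi = int(hi_s) if hi_s else lo
    if not 1 <= lo <= hi <= 65535:
        raise ValueError(f"invalid port specification {spec!r}")
    return range(lo, hi + 1)


def ip_matches(spec: str, addr: str) -> bool:
    """Match an address against 'any', a host address, or a CIDR prefix."""
    return spec == ANY or ip_address(addr) in ip_network(spec, strict=False)


@dataclass(frozen=True)
class Session:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    protocol: str   # e.g. "tcp" or "udp"
    direction: str  # "IN" or "OUT" relative to the protected port group


@dataclass(frozen=True)
class Rule:
    src_ip: str = ANY
    src_port: str = ANY
    dst_ip: str = ANY
    dst_port: str = ANY
    protocol: str = ANY
    direction: str = "BOTH"  # IN, OUT or BOTH
    action: str = "ALLOW"    # ALLOW or DENY

    def __post_init__(self) -> None:
        if self.direction not in ("IN", "OUT", "BOTH"):
            raise ValueError(f"direction must be IN, OUT or BOTH, got {self.direction!r}")
        if self.action not in ("ALLOW", "DENY"):
            raise ValueError(f"action must be ALLOW or DENY, got {self.action!r}")
        parse_ports(self.src_port)  # reject a malformed range when the rule is built
        parse_ports(self.dst_port)

    def matches(self, s: Session) -> bool:
        return (
            ip_matches(self.src_ip, s.src_ip)
            and s.src_port in parse_ports(self.src_port)
            and ip_matches(self.dst_ip, s.dst_ip)
            and s.dst_port in parse_ports(self.dst_port)
            and self.protocol in (ANY, s.protocol)
            and self.direction in ("BOTH", s.direction)
        )


def evaluate(rules: List[Rule], session: Session, default_policy: str = "ALLOW") -> str:
    """Return ALLOW or DENY: the first matching rule decides (assumed ordering);
    a session that matches no rule gets the Edge's default policy."""
    if default_policy not in ("ALLOW", "DENY"):
        raise ValueError("default policy must be ALLOW or DENY")
    for rule in rules:
        if rule.matches(session):
            return rule.action
    return default_policy


# Constructed sample: an FTP server at 10.0.0.5 behind the Edge. Passive-mode data
# connections arrive on a high port, so allowing the control port alone is not enough.
FTP_RULES = [
    Rule(dst_ip="10.0.0.5", dst_port="21", protocol="tcp", direction="IN", action="ALLOW"),
    Rule(dst_ip="10.0.0.5", dst_port="1024:1100", protocol="tcp", direction="IN", action="ALLOW"),
]


def ftp_demo(default_policy: str) -> Dict[str, str]:
    """Evaluate an FTP control connection and two passive data connections,
    one inside and one outside the allowed data port range."""
    client = "198.51.100.7"  # constructed external client address
    control = Session(client, 50001, "10.0.0.5", 21, "tcp", "IN")
    data_in_range = Session(client, 50002, "10.0.0.5", 1050, "tcp", "IN")
    data_out_of_range = Session(client, 50003, "10.0.0.5", 2000, "tcp", "IN")
    return {
        "control": evaluate(FTP_RULES, control, default_policy),
        "data_in_range": evaluate(FTP_RULES, data_in_range, default_policy),
        "data_out_of_range": evaluate(FTP_RULES, data_out_of_range, default_policy),
    }


if __name__ == "__main__":
    print("default policy ALLOW:", ftp_demo("ALLOW"))
    print("default policy DENY: ", ftp_demo("DENY"))
```

With the default policy at ALLOW the gap in the data port range goes unnoticed, because the unmatched session on port 2000 falls through to the default. After the default is switched to DENY, the same passive data connection is blocked while the control connection on port 21 still succeeds, which is exactly the partially working transfer that the port-range paragraph above warns about; the fix is to widen the ALLOW rule's destination port range to cover every port the service negotiates.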