P R O D U C T D A T A S H E E T / 1
D A T A S H E E T
AT A G L ANCE
VMware vShield Edge, part of the vShield family
of virtualization security products, provides
comprehensive perimeter network security for
virtual datacenters. vShield Edge integrates
seamlessly with VMware vSphere™ and includes
essential network gateway services that
organizations can use to quickly and securely
scale their cloud infrastructures.
KE y B EN EFITS
• Reduce cost and complexity by eliminating
multiple special-purpose appliances, and by
rapidly provisioning network gateway services.
• Ensure policy enforcement with built-in edge
network security and services.
• Increase scalability and performance with one
edge per organization/tenant.
• Simplify IT compliance with detailed logging.
• Streamline management using a full-featured
interface that integrates with VMware vCenter™
Server and leading enterprise security solutions.
VMware vShield Edge
Secure the Edge of the Datacenter
What Is VMware vShield
Edge?
VMware vShield Edge is an edge network security solution for
virtual datacenters that provides essential security capabilities
such as port group isolation, network security gateway services
and Web load balancing for performance and availability. The
solution plugs directly into vSphere and leverages built-in
features such as fault tolerance and high availability for
unparalleled resiliency.
Administrators can centrally manage vShield Edge through the
included vShield Manager console, which integrates seamlessly with
vCenter Server to facilitate unified security management for virtual
datacenters. vShield Edge also works in concert with VMware
VCloud Director to automate and accelerate the secure provisioning
of virtual datacenters in multi-tenant cloud infrastructures.
How Does VMware vShield
Edge Work?
Network Security Gateway
Deployed as a virtual appliance, vShield Edge provides firewall,
VPN, Web load balancer, NAT, and DHCP services to monitor
packet headers for source and destination IP addresses. Depending
on policy, it can deny or allow connections, initiate and terminate
VPN sessions, perform network address translation, or inspect
data by source/destination port and protocol type (TCP or UDP).
Port Group Isolation
When deployed as a loadable kernel module on vSphere, port
group isolation creates a barrier between the virtual machines
protected by vShield Edge and the external network. This has the
same effect as implementing VLANs but without the complexity
of trunking switch connections and defining switch port mappings.
How Is VMware vShield
Edge Used?
•
Consolidate edge security hardware
– vShield allows
customers to provision edge security services using existing
vSphere resources, eliminating the need for edge security
hardware to “air gap” vSphere hosts.
VMware vShield Edge secures traffic between virtual datacenters with built-in perimeter
security and port group isolation.
