Hi,
I am about to change the Layer 2 network security on all my hosts to Reject Promiscuios Mode \ MAC Address Changes & Forged Transmits. Can this be completed on the fly or is this a maintenance mode for the hosts job as it may effect VM's connectivity ?
Thanks
You can go-ahead on the fly. It is not required for you to go to Maintenance mode..
Thread moved to the dedicated Security forum
If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points
Tom Howarth VCP / vExpert
VMware Communities User Moderator
Blog: www.planetvm.net
Contributing author for the upcoming book "[VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment|http://my.safaribooksonline.com/9780136083214]”. Currently available on roughcuts
Hello,
This can be performed at any time. However be aware that you can override the default vSwitch settings PER port group so your verification/audit steps should include verifying that the settings are still inherited by the portgroups.
Best regards, Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009
Now Available on Rough-Cuts: 'VMware vSphere(TM) and Virtual Infrastructure Security: Securing ESX and the Virtual Environment'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
[url=http://www.astroarch.com/wiki/index.php/Blog_Roll]SearchVMware Pro[/url]|Blue Gears[/url]|Top Virtualization Security Links[/url]|Virtualization Security Round Table Podcast[/url]