Should I be using vShield Zones?

rpmello · ‎04-13-2010

vShield zones sounds like the ideal product for me, but I just want to get a better feel for how it'd work in my environment. We currently use VLANs in our VMware View environment and are considering splitting up VLANs and VMs based on access levels. Some groups of VMs need access to sensitive internal databases, some need only access to the unsecure intranet but no internet, and others need access to both the intranet and internet.

Would vShield zones be able to replace these different VLANs, or does it merely supplement these VLANs by allowing me to set those firewall rules from within VMware instead of at our physical firewall?

Thanks for the info.

natewilson · ‎04-14-2010

Would vShield zones be able to replace these different VLANs, or does it merely supplement these VLANs by allowing me to set those firewall rules from within VMware instead of at our physical firewall?

I tried vshield recently, looking to do the same thing. I found that it could not secure VMs within a VLAN / "Zone". It can only apply security when packets leave the VLAN.

To divide VMs up within a VLAN, you'll need a VMsafe-based firewall.

poornima_altor · ‎04-22-2010

If you have not already looked at it, I would recommend you look at the solutions in the VMsafe ecosystem. My company - Altor Networks is a member of the VMsafe Partner ecosystem, and we have a VMsafe Certified Firewall that may address your requirements.

Thank you.

All

Should I be using vShield Zones?