TheVMinator
Expert
Expert

vShield Zones and compatability with vMotion / fault tolerance

In looking at implementing vShield Zones, I'm trying to figure out what the requirements are for compatibility with vmotion and fault tolerance. I create a port group for a vShield zone on one of the ESX servers in the environment. Do I need to exactly duplicate the configuration of that vShield zone port group on every ESX server to which I want to possiblly vmotion a VM or have a VM fail over to through fault tolerance or HA - even if that server currently doesn't have any VM's that need a vShield Zone?

0 Kudos
4 Replies
admin
Immortal
Immortal

Before I answer, can you tell me what versions of Zones do you have?

Renuka Nadkarni

Network Security Product Management

VMware Inc.

TheVMinator
Expert
Expert

Currently I don't have any vshield zones, vshield edge, or vshield app installed or configured. What product should be used is a decision yet to be made. However, High availability clusters and fault tolerance are currently being used. The concern is, how would adding a solution from the vShield suite of products impact the functionality of HA/FT/Vmotion that is currently in place.

Thanks,

0 Kudos
admin
Immortal
Immortal

vShield App, Edge and Endpoint products are all slightly different and have different use cases or problems they address. Given that, the way they work with VMware availability solutions and pre requisites for that, change.

If it helps, I will be happy to get a quick conf call to understand what specific use cases you are targetting and I can help with vis-a-vis with other offerings.

rnadkarni@vmware.com is the email if you need to reach out to me.

Regards,

Renuka Nadkarni

Network Security Product Management

VMware Inc.

TheVMinator
Expert
Expert

Thanks for the input

0 Kudos