Backlog #4920
implement security groups in vCenter
| Status: | Pending | Start date: | 11/15/2016 |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | - | % Done: | 0% |
| Category: | Drivers - Network | | |
| Target version: | - | | |
History
#1 Updated by Jaime Melis over 4 years ago
(without NSX)
#2 Updated by Tino Vázquez over 4 years ago
- Target version set to Release 5.4
#3 Updated by Miguel Ángel Álvarez Cabrerizo over 4 years ago
- Tracker changed from Feature to Backlog
- Target version deleted (Release 5.4)
ESX nodes have a firewall which is not based on iptables and which can be configured through a firewall subsystem using rulesets. Although ports, incoming or outgoing traffic, and protocols can be used in the rulesets, we can’t specify a destination, which will always be the ESX host, so we can’t use the ESX firewall to apply rules with a VM as source or destination. This firewall only lives between hosts in the management network interface.
The vSphere security guide doesn’t provide any further information on how to set firewall rules for VMs, virtual networks or vNICs using the vSphere client. So far we could only think of a VM like the virtual router that could enforce some rules.
References:
- https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2005284
- http://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.wssdk.apiref.doc/vim.host.FirewallSystem.html
- https://pubs.vmware.com/vsphere-60/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-60-security-guide.pdf