My group is in the process of deploying multiple vCloud Director instances and as such I thought it would be a good idea to download and test out the vShield product suite, which is one of the required dependencies for vCloud Director. To date, my group has never had a need for vShield Manager as we use another software firewall to perform the same functions. I work more closely on the systems side of the house and as such I am not always involved with all the networking projects going on. With all of the problems experienced by the network team (no fault of there own) deploying software firewalls (all fault here) in the past, I thought it would be a good idea to be involved with vShield from the beginning.
vShield is comprised of one or more of the following components:
- vShield Manager (one required per vCenter Server, free) – vCenter Server like management tool for all vShield products
- vShield Zones (one per host, free) – firewall for traffic between VMs
- vShield Edge (requires license) – provides edge security including LB, NAT, and VPN as well as gateway services
- vShield App (one per host, requires license) – interior, vNIC level firewall for all traffic between VMs even if they are on the same host
- vShield Endpoint (one per host, requires license) – introspection-based antivirus solution
For testing purposes, I decided to deploy a vShield Manager appliance as well as a vShield Zones appliance. Deploying the vShield Manager appliance is simple and since the VM is small the task takes very little time to complete. I powered on the VM and was surprised to find that the VM booted to a login in prompt and no other information was displayed. It was only upon reading the quick start guide that I realized I needed to:
- Log into the VM with admin/default
- Type: enable
- Enter the admin password
- Type: setup
- Follow the prompts