Release: VMware vShield Edge 1.0

Posted by virtualization.info Staff | Tuesday, September 7th, 2010

During the recently ended VMworld conference (see virtualization.info live coverage), VMware announced a remarkable number of new products. One of them is vShield Edge 1.0.

VMware acquired the vShield security technology from Blue Lane Technologies in October 2008. The only product offered so far has been Zones, a virtual firewall that uses stateful inspection and application layer gateway approaches to monitor and filter virtual network traffic between multiple virtual machines deployed on the same virtualization host.
vShield Zones didn’t mature much in almost two years, and VMware is offering it for free as part of vSphere Advanced, Enterprise and Enterprise Plus editions.

A major limitation of Zones is the inability to filter traffic entering and leaving the virtual network, which is a critical need in multi-tenant cloud computing environments like the ones created by the new vCloud Director.
VMware overcame this limitation by extending the vShield product family with this new solution called Edge.

Zones and Edge share the same firewall engine, but while the former is attached to a specific virtualization host, the latter is attached to a specific portgroup.
In this role, the engine has been enriched by a few key new capabilities:

  • Site-to-Site VPN (IPSec only)
  • NAT and DHCP services
  • Web load balancing (HTTP/S, with Round-Robin algorithm and sticky sessions)
  • Logging on local or remote Syslog facilities (Firewall and NAT rules, VPN connections, load balancing sessions, DHCP bindings)
  • API

Because of its key importance in the VMware vCloud infrastructure, vShield Edge can also meter network utilization and attribute it to specific tenants when it’s integrated with vCloud Director.


The VPN component has some limitations: it only supports pre-shared key mode, AES or 3DES encryption, IP unicast traffic, and no dynamic routing protocol between the vShield Edge and remote VPN routers.
Also, there’s no mention of IPv6. Hopefully the product supports this kind of traffic.

The way it’s deployed implies that vShield Edge can isolate different portgroups in a way reminiscent of VLANs on physical network switches.
However, to get this feature, customers need to deploy a specific Loadable Kernel Module (LKM) on each virtualization host they want to control. The enforcement of the other features doesn’t have this requirement.


To control Edge, Zones, and the other new security products announced at VMworld, VMware is using an additional component called vShield Manager. This is a centralized policy management console that doesn’t require any specific license.  
vShield Manager can be accessed through a web interface or through the VMware SDK, as it offers a specific API.
This API allows advanced manipulation of all the information produced by the other vShield products, such as rules and logs.

vShield Edge 1.0 pricing starts at $4,538, which includes protection for 25 virtual machines and 1 year of basic support (12×5). That is not exactly an affordable solution for SMBs.


