Manualshelf

Setup guide

ManualsBrandsUpgrading everyday security ManualsHome building and DecorCommpact
31323334353637383940
4 If you selected Enable HA on the Name & Description page, complete the Configure HA parameters
section.
vShield Edge replicates the configuration of the primary appliance for the standby appliance and
ensures that the two HA vShield Edge virtual machines are not on the same ESX host even after you use
DRS and vMotion. Two virtual machines are deployed on vCenter in the same resource pool and
datastore as the appliance you configured. Local link IPs are assigned to HA virtual machines in the
vShield Edge HA so that they can communicate with each other. You can specify management IP
addresses to override the local links.
a Select the internal interface for which to configure HA parameters.
b (Optional) Type the period in seconds within which, if the backup appliance does not receive a
heartbeat signal from the primary appliance, the primary appliance is considered inactive and the
back up appliance takes over.
The default interval is 6 seconds.
c (Optional) Type two management IP addresses in CIDR format to override the local link IPs
assigned to the HA virtual machines.
Ensure that the management IP addresses are not overlapping with any of the interface subnets.
5 Click Next.
The Summary page appears.
Confirm Settings and Install the vShieldEdge
Before you install the vShield Edge, review the settings you entered.
Procedure
1 On the Summary page, review the settings for the vShield Edge.
2 Click Previous to modify the settings
3 Click Finish to accept the settings and install the vShield Edge.
Installing vShield Endpoint
The installation instructions that follow assume that you have the following system:
n
A datacenter with supported versions of vCenter Server and ESXi installed on each host in the cluster.
For information on the required versions, see Chapter 2, “Preparing for Installation,” on page 13.
n
vShield Manager 5.5 installed and running.
n
Anti-virus solution management server installed and running.
vShield Endpoint Installation Workflow
After you prepare the ESX host for vShield Endpoint installation, install vShield Endpoint in these stages:
1 Deploy and configure a security virtual machine (SVM) to each ESX host according to the instructions
from the anti-virus solution provider.
2 Install the latest version of VMware Tools released for the version of ESX that you have on all virtual
machines to be protected.
The vShield Endpoint host component adds two firewall rules to the ESX host:
n
The vShield-Endpoint-Mux rule opens ports 48651 to port 48666 for communication between the host
component and partner security VMs.
Chapter 4 Installing vShield Edge, vShield App, vShield Endpoint, and vShield Data Security
VMware, Inc. 33