Advanced Networking Services Guide

6 If you are adding a Certificate, configure the following options:
■ Private Key—required for enabling public key/private key encryption
■ Password
■ Retype Password
7 Click OK.
You can now sign your own certificates.
Add a Certificate Revocation List
A Certificate Revocation List (CRL) is a list of subscribers and their status, which is provided and signed by
Microsoft.
The list contains the following items:
■ The revoked certificates and the reasons for revocation
■ The dates that the certificates are issued
■ The entities that issued the certificates
■ A proposed date for the next release
When a potential user attempts to access a server, the server allows or denies access based on the CRL entry
for that particular user.
Procedure
1 Log in to vCloud Air and navigate to the vCloud Edge Gateway Services UI. See “Log In and Navigate
to Advanced Networking Services,” on page 9 for information.
2 Click the Certificates tab.
3 Click the Add icon and then CRL.
The Add CRL dialog box appears.
4 In Certificate contents, paste the list.
5 (Optional) Type a description.
6 Click OK.
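A check you could run on a CRL before pasting it into Certificate contents in step 4, as an added example that is not part of the VMware guide: it uses the Python cryptography package to confirm that the list verifies against the signer's key and is not past its next-release date, and it looks up the revocation reason for a serial number. The throwaway CA, the serial 0x1000 and all function names are constructed for illustration.

```python
import datetime as dt
from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

UTC = dt.timezone.utc

def make_sample_crl(issued_days_ago=1, valid_days=7):
    """Constructed test data: a throwaway CA key and a CRL revoking serial 0x1000."""
    key = ec.generate_private_key(ec.SECP256R1())
    issuer = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Constructed Test CA")])
    issued = dt.datetime.now(UTC) - dt.timedelta(days=issued_days_ago)
    entry = (x509.RevokedCertificateBuilder()
             .serial_number(0x1000).revocation_date(issued)
             .add_extension(x509.CRLReason(x509.ReasonFlags.key_compromise), critical=False)
             .build())
    crl = (x509.CertificateRevocationListBuilder()
           .issuer_name(issuer).last_update(issued)
           .next_update(issued + dt.timedelta(days=valid_days))
           .add_revoked_certificate(entry).sign(key, hashes.SHA256()))
    return crl.public_bytes(serialization.Encoding.PEM), key.public_key()

def _next_update(crl):
    # next_update_utc exists in cryptography >= 42; older releases return naive UTC.
    value = getattr(crl, "next_update_utc", None) or crl.next_update
    return value if value is None or value.tzinfo else value.replace(tzinfo=UTC)

def check_crl(pem, signer_public_key):
    """Return a list of problems; an empty list means the CRL is fit to paste."""
    crl = x509.load_pem_x509_crl(pem)
    problems = []
    if not crl.is_signature_valid(signer_public_key):
        problems.append("signature does not verify against the signer's key")
    next_update = _next_update(crl)
    if next_update is None or next_update <= dt.datetime.now(UTC):
        problems.append("next update date has passed; the list is stale")
    return problems

def revocation_reason(pem, serial):
    """Return the reason name if `serial` is on the list, else None."""
    entry = x509.load_pem_x509_crl(pem).get_revoked_certificate_by_serial_number(serial)
    if entry is None:
        return None
    try:
        return entry.extensions.get_extension_for_class(x509.CRLReason).value.reason.name
    except x509.ExtensionNotFound:
        return "unspecified"
```

A stale or unverifiable list is worth catching at this point, because the server's allow or deny decision follows whatever entries the pasted CRL contains.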
Security Objects in vCloud Air
This section describes custom network and security containers.
Advanced Networking Services includes functionality to create grouping objects for use when configuring
the edge gateway firewall and the firewall for Trust Groups. Additionally, you can use grouping objects
when configuring the server pool for the load balancer.
Create an IP Address Group
You can create an IP address group and then add this group as the source or destination in a firewall rule.
Such a rule can help protect physical machines from virtual machines or vice versa.
Procedure
1 Log in to vCloud Air and navigate to the vCloud Edge Gateway Services UI.
See “Log In and Navigate to Advanced Networking Services,” on page 9 for information.
vCloud Air Advanced Networking Services Guide
26 VMware, Inc.