Virtual Private Cloud OnDemand Networking Guide

The following products and solutions are supported with Virtual Private Cloud OnDemand and work
together to provide network security for Virtual Private Cloud OnDemand.
Figure 31. Product Interactions to Provide Security in Virtual Private Cloud OnDemand
[Figure labels: VM, AV, Internal network, Gateway network, Gateway, Threat mitigation, Third-party appliance, VXLAN]
The following security functions are available in Virtual Private Cloud OnDemand:
- Gateway: firewall, IP address management, and routing
- Threat mitigation: third-party antivirus, traffic analysis, and threat mitigation appliances
- Third-party appliances: virtual appliances of your choice allowing you to deploy your own security
  policies
- VXLAN: the foundation for elastic portable virtual data centers
Third-party Virtual Appliances
Virtual Private Cloud OnDemand supports threat mitigation by allowing you to deploy your own antivirus
solution (such as McAfee antivirus) and configure static routing between the gateway interfaces so that all
traffic traverses the antivirus first, then travels to your virtual machines.
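The guide states the routing goal but does not show how to confirm it. As an added example (not from the VMware guide), the following Python check reads a list of gateway static routes and flags virtual machine networks whose traffic would not pass through the antivirus appliance. All addresses, the route-list format, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data (assumptions, not values from the guide).
AV_APPLIANCE = ipaddress.ip_address("192.168.109.10")  # hypothetical antivirus appliance
VM_NETWORKS = [ipaddress.ip_network(n) for n in ("10.10.1.0/24", "10.10.2.0/24")]
STATIC_ROUTES = [  # (destination, next hop) as configured on the gateway
    ("10.10.0.0/16", "192.168.109.10"),   # covering route through the appliance
    ("10.10.2.128/25", "192.168.109.1"),  # more-specific route that skips it
]


def parse_routes(routes):
    """Convert (destination, next hop) strings into ipaddress objects."""
    return [(ipaddress.ip_network(d), ipaddress.ip_address(h)) for d, h in routes]


def find_bypasses(vm_networks, routes, appliance):
    """Return (vm_network, problem) pairs where traffic can skip the appliance."""
    findings = []
    table = parse_routes(routes)
    for vm_net in vm_networks:
        # Routes that cover the whole VM network; the longest prefix wins.
        covering = [(d, h) for d, h in table if vm_net.subnet_of(d)]
        if not covering:
            findings.append((vm_net, "no static route covers this network"))
        else:
            dest, hop = max(covering, key=lambda r: r[0].prefixlen)
            if hop != appliance:
                findings.append((vm_net, f"route {dest} points to {hop}"))
        # A more-specific route inside the VM network overrides the covering
        # route for part of the range, so it must also use the appliance.
        for dest, hop in table:
            if dest != vm_net and dest.subnet_of(vm_net) and hop != appliance:
                findings.append((vm_net, f"more-specific route {dest} points to {hop}"))
    return findings


if __name__ == "__main__":
    for net, problem in find_bypasses(VM_NETWORKS, STATIC_ROUTES, AV_APPLIANCE):
        print(f"{net}: {problem}")
```

An empty result means every listed network has the appliance as its effective next hop; the check covers route selection only, not whether the appliance itself forwards the traffic.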
Virtual Private Cloud OnDemand supports the deployment of third-party virtual appliances into the cloud.
For example, if you are using policies based on a Palo Alto security appliance, or appliances deployed onsite
at your data center, you can deploy that same third-party virtual appliance in
Virtual Private Cloud OnDemand and run network traffic to your virtual machines through the appliance.
By using the same virtual appliance in Virtual Private Cloud OnDemand that you used onsite in your data
center, you can make Virtual Private Cloud OnDemand an extension of your onsite cloud.
Virtual Private Cloud OnDemand supports the deployment of all third-party virtual appliances supported
by VMware vSphere, such as F5, RSA (for secure ID), and Riverbed (caching).
Additionally, you can use a third-party appliance with your isolated networks in
Virtual Private Cloud OnDemand. Isolated networks (which are not connected to the gateway) can connect
to a third-party appliance; the third-party virtual appliance can have access to the gateway.
vCloud Air - Virtual Private Cloud OnDemand Networking Guide
VMware, Inc.