Setup guide
Introduction to vShield 1
This chapter introduces the VMware
®
vShield™ components you install.
This chapter includes the following topics:
n
“vShield Components at a Glance,” on page 7
n
“Deployment Scenarios,” on page 10
vShield Components at a Glance
VMware vShield is a suite of security virtual appliances built for VMware vCenter Server integration. vShield
is a critical security component for protecting virtualized datacenters from attacks and misuse helping you
achieve your compliance-mandated goals.
vShield includes virtual appliances and services essential for protecting virtual machines. vShield can be
configured through a web-based user interface, a vSphere Client plug-in, a command line interface (CLI), and
REST API.
vCenter Server includes vShield Manager. The following vShield packages each require a license:
n
vShield App
n
vShield App with Data Security
n
vShield Edge
n
vShield Endpoint
One vShield Manager manages multiple vShield App, vShield Edge, vShield Endpoint, and vShield Data
Security instances.
n
vShield Manager on page 8
The vShield Manager is the centralized network management component of vShield, and is installed as
a virtual appliance on any ESX™ host in your vCenter Server environment. A vShield Manager can run
on a different ESX host from your vShield agents.
n
vShield App on page 8
vShield App is a hypervisor-based firewall that protects applications in the virtual datacenter from
network based attacks. Organizations gain visibility and control over network communications between
virtual machines. You can create access control policies based on logical constructs such as VMware
vCenter™ containers and vShield security groups—not just physical constructs such as IP addresses. In
addition, flexible IP addressing offers the ability to use the same IP address in multiple tenant zones to
simplify provisioning.
VMware, Inc.
7