VMware VSHIELD MANAGER 4.1.0 UPDATE 1 - API User Manual, Page 29

VMware, Inc. 29
Chapter 4 Zones Firewall Management
Create a Zones Firewall Rule
Zones Firewall rules allow or deny traffic based on the following criteria:

| Criteria | Description |
|---|---|
| Source (A.B.C.D/nn) | IP address with netmask (nn) from which the communication originated |
| Source Port | Port or range of ports from which the communication originated. To enter a port range, separate the low and high end of the range with a colon. For example, 1000:1100. |
| Destination (A.B.C.D/nn) | IP address with netmask (nn) which the communication is targeting |
| Destination Application | The application on the destination the source is targeting |
| Destination Port | Port or range of ports which the communication is targeting. To enter a port range, separate the low and high end of the range with a colon. For example, 1000:1100. |
| Protocol | Transport protocol used for communication |

You can add destination and source port ranges to a rule for dynamic services such as FTP and RPC, which require multiple ports to complete a transmission. If you do not allow all of the ports that must be opened for a transmission, the transmission fails.

To create a firewall rule at the datacenter level
1 In the vSphere Client, go to Inventory > Hosts and Clusters.
2 Select a datacenter resource from the resource tree.
3 Click the vShield Zones tab.
4 Click Zones Firewall.
  By default, the L4 Rules option is selected.
  To create L2/L3 rules, see “Create a Layer 2/Layer 3 Zones Firewall Rule” on page 30.
5 Do one of the following:
  • Click Add to add a new rule to the Data Center Low Precedence Rules (Rules below this level have lower precedence...).
  • Select a row in the Data Center High Precedence Rules section of the table and click Add. A new row appears below the selected row.
6 Double-click each cell in the new row to select the appropriate information.
  You must type IP addresses in the Source and Destination fields, and port numbers in the Source Port and Destination Port fields.
7 (Optional) Select the new row and click Up to move the row up in priority.
8 (Optional) Select the Log check box to log all sessions matching this rule.
9 Click Commit to save the rule.

To create a firewall rule at the cluster level
1 In the vSphere Client, go to Inventory > Hosts and Clusters.
2 Select a cluster resource from the resource tree.
3 Click the vShield Zones tab.
4 Click Zones Firewall.
  By default, the L4 Rules option is selected.
  To create L2/L3 rules, see “Create a Layer 2/Layer 3 Zones Firewall Rule” on page 30.
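
The rule criteria and the note about multi-port services can be checked before a rule set is committed. The following Python is an added example, not taken from the VMware manual or the vShield API: it parses the colon-separated port notation and reports which ports of a multi-port service no rule explicitly allows. The `Rule` class, the function names, the sample addresses and top-down first-match evaluation are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

def parse_ports(spec):
    """Parse a port field: a single port ('21') or a low:high range ('1000:1100')."""
    low, _, high = spec.strip().partition(":")
    lo, hi = int(low), int(high or low)
    if not 0 < lo <= hi <= 65535:
        raise ValueError(f"invalid port or range: {spec!r}")
    return lo, hi

@dataclass
class Rule:  # hypothetical model of one rule row, not a vShield API object
    source: str            # A.B.C.D/nn
    source_port: str
    destination: str       # A.B.C.D/nn
    destination_port: str
    protocol: str
    action: str            # "allow" or "deny"

    def matches(self, src, sport, dst, dport, proto):
        s_lo, s_hi = parse_ports(self.source_port)
        d_lo, d_hi = parse_ports(self.destination_port)
        return (proto.lower() == self.protocol.lower()
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.source, strict=False)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.destination, strict=False)
                and s_lo <= sport <= s_hi and d_lo <= dport <= d_hi)

def uncovered_ports(rules, src, dst, proto, needed_ports, sport=40000):
    """Return the needed destination ports that no rule explicitly allows.
    Assumption: rules are evaluated top-down and the first match decides."""
    missing = []
    for dport in needed_ports:
        hit = next((r for r in rules if r.matches(src, sport, dst, dport, proto)), None)
        if hit is None or hit.action != "allow":
            missing.append(dport)
    return missing

# Constructed sample: an FTP-like service with a control port and a data-port range.
RULES = [
    Rule("10.0.0.0/24", "1:65535", "10.0.1.10/32", "21", "tcp", "allow"),
    Rule("10.0.0.0/24", "1:65535", "10.0.1.10/32", "1000:1100", "tcp", "allow"),
]
NEEDED = [21, 1000, 1050, 1100]

if __name__ == "__main__":
    print("only control port allowed:", uncovered_ports(RULES[:1], "10.0.0.5", "10.0.1.10", "tcp", NEEDED))
    print("control + data range allowed:", uncovered_ports(RULES, "10.0.0.5", "10.0.1.10", "tcp", NEEDED))
```

A non-empty result means the service would fail in the way the manual describes, because at least one required port is not opened by an allow rule.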