Lesson 3 - Vshield Endpoint
Video Activity
Vshield Endpoint This lesson focuses on the vShield endpoint. vShield endpoint is a security feature built into ESXi. This lesson discusses how vShield fits into the cloud environment and how it fits into the vSphere. vShield is highly functional; it secures the cloud from the edge of the network, trickling down into individual networks.
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Description
Vshield Endpoint This lesson focuses on the vShield endpoint. vShield endpoint is a security feature built into ESXi. This lesson discusses how vShield fits into the cloud environment and how it fits into the vSphere. vShield is highly functional; it secures the cloud from the edge of the network, trickling down into individual networks.
Video Transcription
00:04
Hello, I'm Gene Pompilio. Welcome to cyber Worry. We're in the virtual ization installation configuration management course module number nine. Lesson three. This lesson We're working with the V Shield and Point.
00:17
This is a ah, nice security future that's built in with S X I, as of ah version or re center, rather as a version five got one.
00:27
So we look a little bit of how the shield fits into your cloud environment
00:32
and how
00:33
the shell can be integrated with these fair
00:37
Oh, it's very, very easy to use and pretty powerful.
00:41
So visually, his ideal for building a foundation for a cloud environment,
00:47
whether it's a private cloud of public cloud,
00:50
um,
00:51
functionality wouldn't really be changed too much between those two indifference. It scenarios.
00:57
But the idea is that the shield in general is securing the cloud from the edge of your network all the way down to individual endpoints.
01:07
So, for instance, I have my three different components here.
01:10
If you shield edge,
01:11
this goes from the edge of the the data center, the Virtual Data center,
01:15
and I've got a virtual data center one here, Maybe this is a d m Z. Have got several V ems.
01:22
A few shield edge provides that protection for
01:26
the the V EMS in that edge of the network scenario. Like a d m z,
01:33
the shield at might be applied in our second virtual data center, where I've got some Web servers and then maybe the end point
01:41
component could be used for some of the applications, like painted card industry, you know, application server type APS.
01:52
So official manager is what we used to manage this whole environment from a centralized point of view. This integrates into the center and gives you, ah, one place to go to do all of your different activities.
02:06
The shield edge,
02:07
as I mentioned, protects the perimeter of your data center. So if you think about having a perimeter firewall, perimeter access controls other security devices, this is where this
02:19
comes in.
02:21
Oven visual app
02:23
is another type of fire. Well, this one is application aware, and it works at the Knick level.
02:30
So if I've got viens defined as Web servers in this example,
02:35
official app can control the Knicks on those two the EMS
02:40
and allow them to
02:43
work with whatever firewall rules were defined. Whatever security policies have been defined.
02:47
And then end point is something that actually runs on a dedicated virtual appliance.
02:53
And what its function is is to,
02:58
uh, allow you to have a dedicated appliance just for doing anti virus and anti malware processing.
03:06
So this means that you no longer have to have an agent
03:09
or are anti virus software running on V EMS, as you would for a typical physical host
03:16
so you can have the the endpoint applying to do that work for you, which, of course, gives you some nice advantages. It makes it easier to deal with your
03:27
anti virus administration tasks, making sure the appliances updated
03:31
and protecting all the VM that's supposed to should be an easier,
03:36
uh,
03:37
group of tasks and having to deal with individual systems and their own game requirements in a physical type environment.
03:45
So it makes little life a little bit easier.
03:46
And because the dedicated appliance is
03:52
providing protection for multiple systems, you get a higher consolidation ratio.
03:57
You could have a lot of e EMS in this environment.
04:00
I could have several mor here,
04:02
all being protected by the same appliance.
04:05
There's a practical limit, of course, as to how many of'em you can actually protect with the appliance, but it's pretty generous limit.
04:13
And because of the fact that it's a dedicated points, we get the enhanced performance that you would expect to see. Overall,
04:19
as I mentioned
04:21
as our version, find that one and later
04:26
official end point is included. There's no extra
04:29
fees involved with that.
04:31
So to recap,
04:32
we learned a little bit about what the TV show manager does for the big picture centralized mansion of your virtual security environment.
04:43
We can see how the different components can protect the edge of your network,
04:47
uh, different applications and also down to the end point level. So we have various options for firewalls and anti virus anti malware handling.
05:00
All right, thank you. That concludes lesson.
Up Next
Similar Content
