IDS in a virtualized environment

Can someone develop an IDS solution for a virtualized environment?

I have ESX/ESXi - highly virtualized blade servers.  I'm using the blade chassis I/O switches - no pass-through.

The requirement is to run an IDS service such that VM-on-VM traffic is controlled. The traffic flow can be between two virtual machines on the same blade, two virtual machines on two separate blades in the same chassis, or two virtual machines on two separate chassis...

In this case, I see 3 streams of traffic off of the bat...

same blade: VM-on-VM traffic is switched by a hypervisor-type switch (1000v or VMware vDS).

different blades in the same chassis: VM-on-VM traffic will leave the blade and can be switched by the hardware chassis (blade chassis I/O) switch.

different chassis: VM-on-VM traffic will have to go to the ToR (maybe even end of row).

NOTE: If the VMs are on different VLANs, traffic will always go to the end-of-row/agg switches (the L3/L2 boundary).

So, given all of these possible flows, what is the best way to go about deploying IDS service? Implementation? Virtual or physical? etc...

Thank you!

You're right, dragging the VM-to-VM traffic out of the box for IPS inspection and then stuffing it back in will be a bandwidth bottleneck. I doubt that it would cost you more CPU to move these pieces sttings to launch an IPS sensor inside the box (à la Sourcefire).

To minimize the bandwidth bottleneck, you can add Ethernet interfaces to your ESXi server and even group several together if you need more bandwidth than a single pair can offer.

-Bob
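
As an added example (not part of the original posts), the three flows and the VLAN note from the question can be modelled to show which VM pairs a given sensor placement never sees. The VM inventory, the tier names and the assumption that a flow crosses every tier up to the one where it is switched are constructed for illustration.

```python
from collections import Counter
from itertools import combinations
from typing import NamedTuple

class VM(NamedTuple):
    name: str
    chassis: str
    blade: str
    vlan: int

# Switching tiers from the question, ordered from closest to the VM outward.
TIERS = ["vswitch", "chassis-io", "tor", "agg"]

def switching_tier(a: VM, b: VM) -> str:
    """Tier where traffic between two VMs turns around, per the question's model."""
    if a.vlan != b.vlan:
        return "agg"         # inter-VLAN: routed at the L3/L2 boundary
    if a.chassis != b.chassis:
        return "tor"         # same VLAN, different chassis
    if a.blade != b.blade:
        return "chassis-io"  # same chassis, different blades
    return "vswitch"         # same blade: never leaves the hypervisor

def flows_by_tier(vms):
    """Count VM pairs by the tier that switches their traffic."""
    return Counter(switching_tier(a, b) for a, b in combinations(vms, 2))

def uninspected_pairs(vms, sensor_tiers):
    """VM pairs whose path crosses none of the tiers that carry a sensor.

    Assumption: a flow crosses every tier up to the one where it turns
    around, and a sensor tier means every switch at that tier is tapped.
    """
    blind = []
    for a, b in combinations(vms, 2):
        reach = TIERS.index(switching_tier(a, b))
        if not any(TIERS.index(t) <= reach for t in sensor_tiers):
            blind.append((a.name, b.name))
    return blind

# Constructed inventory: (name, chassis, blade, VLAN)
INVENTORY = [
    VM("web1", "c1", "b1", 10),
    VM("web2", "c1", "b1", 10),
    VM("app1", "c1", "b2", 10),
    VM("db1", "c2", "b1", 10),
    VM("mgmt1", "c1", "b1", 20),
]

if __name__ == "__main__":
    print(dict(flows_by_tier(INVENTORY)))
    for tiers in (["agg"], ["tor"], ["vswitch"]):
        print(tiers, "->", uninspected_pairs(INVENTORY, tiers))
```

A physical sensor at the ToR or aggregation tier leaves the same-blade and same-chassis pairs uninspected, which is why only a sensor at the hypervisor switch tier covers every pair in this model.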

Tags: Cisco Security

Similar Questions

  • Windows 7 Home Premium with invalid Code of Activation in the virtual environment

    I have a PC with Windows 7 Home Premium, I could get the Product Code of Magic Jelly Bean KeyFinder.  I created a Virtualbox Win7 environment to test the code for what should I have to rebuild my computer I have everything properly.  Although I enter the code correctly when I try to activate it says that is not valid.  Is it because I'm under a system with it already running with the same product code that it does not work properly? Or something else?

    If your intention is to rebuild the desktop, why would need to test the activation code to see if it works, when it is currently working on the host itself? I can understand the Windows 7 Home Premium assessment in the virtual environment, but the idea of the code itself, no.

    If its already active in the host, then that means it works.

    If Home Premium from Windows 7 is pre-installed on the host itself, the code that you use cannot be used to activate Windows 7 elsewhere.

    New computers coming often pre-installed with Windows 7 have what is called a recovery partition. This is used to reinstall an operating system in the case of a system failure. To access it, you need to start when you start your computer by pressing a function key. This can be either F1, F2, F9, F10, F11, F12 key DEL or tab. See the manual that came with your PC for instructions on how to reinstall Windows.

    This is how the recovery partition is accessible to most popular brands...

    For Dell, press F8 on the keyboard until the Advanced Boot Options menu appears on the screen.

    For HP, press F11 directly after switching on the device

    For LG, press F11 directly after switching on the device

    For Toshiba, press and hold "0" BEFORE and during the power upward

    For Acer, press and hold ALT + F10, as soon as you see the logo

    For Asus, press F9, as soon as you see the Asus logo.

    For Samsung, press F4 to the power upward...

    For Fujitsu, press the F8 key directly after the power

    Advent, restart your computer. Then, press F10 repeatedly until the message "Starting system recovery"

    Sony VAIO, reboot and press "F8" or "F10" repeatedly until the screen "Advanced Boot Options".

    If it is a retail license and you need to reactivate Windows 7 Home Premium if you reinstall from scratch, you can still use phone activation:

    How to activate Windows 7 manually (activate by phone)
     
    1) Click Start and in the search box type: slui.exe 4

    2) Press the "ENTER" key.

    3) Select your "country" in the list.

    4) Choose the option "activate phone".

    5) Stay on the phone (do not select/press all options) and wait for a person to help you with the activation.

    6) Explain your problem clearly to the support person.
     
    http://support.Microsoft.com/kb/950929/en-us

    Go to the properties of the system of the host machine (start > right click computer > properties > scroll to the bottom of the window). If you see OEMS in the ID of the product you can not use elsewhere:

  • Break the password of ISE in a virtual environment.

    Hi all

    I forgot the password of my ISE. In fact, it is running in a Secure Network Server 3415.  This equipment was installed by my colleague and he left the organization. Please help me and let me know how to break the password in ISE that runs in a virtual environment.

    Please let me know if you need more information.

    Kind regards

    Shafi U

    ISE ISO can be downloaded at http://goo.gl/ECqB57

  • Can I use an antivirus on each of my hosts and guests at the same time when running a virtual environment on my PC?

    I have Windows 7 running on my main computer at present and that you have a virtual environment installed as an operating system on this computer very.

    I would like to know if I am able to run an internet security on my pc (Windows 7) host program and other internet security on my guest in my virtual environment operating system (pc windows 8)... at the same time.

    I ask this question because... I installed my OS of windows 8 in a virtual environment running inside my Windows 7 OS in order to familiarize yourself with the features of windows 8 and to test the compliance of windows 8 with various hardware components I use... to satisfy my curiosity before I migrate eventually completely to windows 8.

    Part of my tests would involve various software including Internet security applications.

    So the question is... I was able to save my virtual environment with an Internet security program, while having an Internet security program running in the host computer?

    PS my environments hosts and guests are not put networked with the exception of the common external drives and dvd burners. The plan being that the Internet security on my host computer program will have my analysis excluded virtual environment.

    Yes

    The systems are completely separated from each other, will not affect the different AntiVirus on another product.

    If you decide to test another Internet security program don't forget to completely remove the old version on the virtual machine

  • Supported high availability in a virtualized environment

    Hi guys,

    is it supported software such as Veritas Cluster Server cluster in a real operating system in order to have the high Availability for my message store?

    According to the release of the latest Suite of Communication of information, it would be possible, any ideas?

    https://wikis.Oracle.com/display/CommSuite/common+release+information+for+Communications+Suite+7.0.6#CommonReleaseInformationforCommunicationsSuite7.0.6-SystemVirtualizationSupport

    Thank you

    Caius

    As indicated by the release notes as you pointed out, UCS does not specifically support or does not support any given platform virtualization - the virtual machine solution must be completely transparent to the application. If the OS and HA solution is supported by the UCS and HA solution running support in this virtual environment, then it is supported.

  • Keyboard does not work in virtual environment

    Hello

    I just bought and installed VMWare Fusion on a Mac Pro running Lion.  I set up a virtual environment with Snow Leopard Server, but my keyboard does not respond within the virtual environment.  It would be like if I didn't have the keyboard hooked up to my computer, if it happened on the actual computer.  It initially worked in the virtual environment after my first installation of the OS, as I was able to type in the various configuration info, such as user name and password, but it doesn't now.  I searched through this forum and cannot find any solution.  I was hoping someone here could point me in the right direction.

    I notice that when I raise System Profiler, no keyboard is listed under USB devices, so I don't know if that is related to the problem or not.

    Any help in this would be greatly appreciated.

    Thank you

    Dennis

    Strange, indeed: I installed the VMware Tools as the second time, and it worked.

    You can try again and activate the automatic connection this time...

  • OPA on virtualized environment

    Hello

    It is used to recommend that the duration of the OPA has been run on a physical server, but there is a growing demand to run on a virtualized domain. The operation of the OPA on a virtualized environment affect the model of supported somehow; i.e. the Oracle will support the OPA on a virtual server rather than physical?

    Thank you

    You are welcome Roger,

    For Oracle VM - we fully support this end to end, if you are using a supported operating system.
    For VMWare - we support fully, as long as you are (a) using a supported operating system, and (b) it can be demonstrated that the problem occurs when you do NOT run on VMWare

    Davin.

  • Microsoft Cluster in a virtual environment

    Is it possible to run a Windows 2008 Failover Cluster in a virtual environment using ESX 3.5?

    Kind regards

    Daniel9999

    The Windows 2008 Clusters are only supported with vSphere.

    But if you have an iSCSI storage, you can use a solution 'unsupported' (but functional) using iSCSI initiator inside Windows 2008 SMV to point to a few LUNS shared.

    More info on:

    Software clustering in a VMware environment

    André

  • When I uninstall a virtual environment data created on it get deleted as well?

    Hello

    I'm new to VMware. As the topic of my discussion states: does data created on the virtual machine get deleted when the virtual environment is removed?

    Thanks in advance.

    I found the link of Ulli on tools and procedures to do so.  http://www.Feyrer.de/g4u/#shrinkimg

    If you found this information useful, please consider awarding points to 'Correct' or 'useful '. Thank you!!!

    Kind regards

    Stefan Nguyen

    VMware vExpert 2009

    iGeek Systems Inc.

    VMware, Citrix, Microsoft Consultant

  • Foglight migration to virtual environment.

    Hello

    We have installed the 5.6.4 Foglight Management Server in a physical server. Due to certain constraints and requirements, we migrate the Foglight to a virtual server.

    Can you please help us in the steps to migrate and also to share articles or links that will be useful for us in the migration process?

    Kind regards

    Guenoun.

    Migrating to a new server FMS is relatively easy.

    Essentially, you shut down the FMS, copy the Foglight installation directory to the new server, hopefully in the same folder hierarchy, and start it again.

    (According to the version of the OS, you will need to install a new service, or change the security or add an entry in init.d, etc.).

    You will also need to redirect your based FGLAM agents for the new IP/DNS to the new server, unless you move the DNS entry at the same time.

    Anything that you can do to make the new structure similar to the old server server will be useful, but Foglight is not that picky.

    It would NOT be a good idea to try to change other things at the same time as the move.  Keep the database of the same, etc. until the move is done and tested.

    In addition, be aware of best practices for a FMS (or any Java application) running on a virtual machine.

    These are extremely important if you want to get any kind of decent performance of Foglight running on a virtual machine.

    http://www.VMware.com/files/PDF/Techpaper/Enterprise-Java-applications-on-VMware-best-practices-guide.PDF

    Finally, remember that your VM will have probably important resources, depending on the size of your environment is.

    You may want to run this by the support, to ensure that you have not undersized your VM.

  • Is it easy to install cloud creative in a Citrix Desktop virtual environment

    We are looking to move all our Pc desktop over to a virtual desktop environment, but we have a few users who use creative clouds... How is it difficult to use/install Creative cloud on a virtual office?

    There are organizations that do this and I hope that some of them will share their experiences here.

    Adobe tests only limited in these environments support for environments boundaries virtualized or server-based

  • Adding a DHCP server in my virtual environment so my virtual stuff get IP, instead of vmware dhcp

    Hi all

    I do a laboratory test where I need DHCP Server1. 2 3. ADDC and DNS of the client machines and exchange 2003 environment. I want it to be fully functional and I want my DHCP server to assign the ip address of my entire network, but I don't see any option to add my dhcp in this environment, I tried, but virtual machines take ip from the dhcp server on VMware builtin, could someone guide me how can I make my dhcp added to this environment?

    Eventually this environment will be upgraded for 2013 Exchange and windows 2012r2.

    You must assign a static IP for your DHCP server... after that, try to restart the DHCP service and see if your stations get IP... otherwise, confirm that your DHCP server is authorized on AD.

  • Isolate the virtual environment

    I am trying to create a virtual test environment consisting of workstations, member servers, and domain controllers. I need to isolate this laboratory of the rest of the network to avoid introducing domain controllers and others to our production network. Looking at settings of network card for the VM one workstation I created, the only option is "VM Network". Is there a way to configure the virtual machines where they would be isolated from our network?

    Hello.

    If you are working on a single host ESX (i), you could create a vSwitch with no physical cards assigned to him and use it to the isolated network.  If you work with multiple hosts, you can create a new vSwitch and assign a single physical network adapter that is connected to a remote switch.

    Good luck!

  • How to migrate all the component vmware (ESX, VM) in a virtual environment without any interruption of service?

    Hello

    I have set up a new configuration. In my case, I have installed vSRM and I have an existing Virtual Center Server in a Virtual Machine.

    I want to transfer all information (ESX, VM, etc.) to a new virtual environment, but I cannot interrupt my VMs and my ESX!

    I need to transfer my production from one environment to another environment. Can I do it without service interruption? Is it possible?

    Thanks for your help.

    Set up your new virtual Center Server.

    From there, add the ESX hosts.  They will migrate in the running will all VM.  You have to re-create the structures of folders and resource pools.  Those who don't transfer via;  If you have a cluster try to minimize the number of machines that are running on the first ESX Server that you hover over to minimize the impact of unforeseen problems.

  • Running in a virtual environment

    I have a WIN7 Pro PC with the ability to run a virtual XP XIN.  At the same time, both can be running and accessible.  I wrote a VB6 program in XP mode to access the internet, analyze the data and display the data in a small form on the desktop.  Which works very well.  The question is which form can be places on the WINDOWS 7 Desktop so I reduce the virtual XP machine?  I know that I can not close the XP virtual machine and wait for my VB6 program to continue to function.

    Thank you

    Hello

    I have a WIN7 Pro PC with the ability to run a virtual XP XIN. At the same time, both can be running and accessible. I wrote a VB6 program in XP mode to access the internet, analyze the data and display the data in a small form on the desktop and that works very well.

    You want to know if you can view the results of VB6 in windows 7.

    So, I would like to inform you that it is not possible.

    We can view the results in the same operating systems only.

    Virtual machine and a main machine are two different environments and they do not recognize each other at all. They work independently.

    I hope this explanation helps you. If you have questions related to this issue, I would ask you to post in the forum to which I have provided the link below. This forum will be a better place to find appropriate help on the question you posted.

    https://social.technet.Microsoft.com/forums/Windows/en-us/home?category=w7itpro

    Thank you.
