Using Infrastructure Navigator for Firewall Rules

I was at a client yesterday that is nearly 100% virtualized, talking about our IPS and firewall solutions using Deep Security on ESXi. One of the topics we discussed was how to create firewall rules, and what to base them on, in an environment where multiple applications communicate with each other. The easy answer for me was that the client could use VMware vCenter Infrastructure Navigator. I have been using it in my lab as well to get insight into which VMs and applications are communicating with which other VMs. The information returned by Navigator is very useful in that it presents you with a map of a VM and the following information:

  • Details of the VM
  • Services that run inside the OS (like SQL, Remote Desktop, ...)
  • Listening ports and the processes that listen on those ports

Below is the SQL Server in my lab. As you can see, there are 5 incoming connections on ports 1433 and 1434. One can now start to create firewall rules based on this information.

Ops Navigator

I changed the view to a “Table View”, and by doing this the Incoming Dependencies and Outgoing Dependencies are clearly shown. You can now create the rules in such a way that you define incoming and outgoing rules separately: allow what the table shows, and deny everything else. Keep in mind that the map reflects connections Navigator has actually observed, so anything that only talks occasionally needs to be accounted for before the rules are switched to enforcing mode.

Ops01
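To show how the Table View turns into rules, here is an added example that is not code from the original post, from VMware or from Trend Micro. The dependency rows are constructed to look like what Navigator lists for one VM (the VM names, addresses and processes are made up), and the rule record format is a generic one chosen here, not Deep Security's own rule format. It builds one allow rule per observed peer/port/direction, closes each direction with a default deny, and flags allow rules on admin ports (an assumed list) for review, since Navigator shows what was talking, not what should be.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Constructed sample rows, shaped like VIN's Table View for one VM (not real lab data):
# (vm, direction, peer_vm, peer_ip, protocol, port, listening_or_calling_process)
DEPENDENCIES = [
    ("SQL01", "incoming", "WEB01",  "10.0.1.11", "tcp", 1433, "sqlservr.exe"),
    ("SQL01", "incoming", "WEB02",  "10.0.1.12", "tcp", 1433, "sqlservr.exe"),
    ("SQL01", "incoming", "APP01",  "10.0.2.21", "tcp", 1433, "sqlservr.exe"),
    ("SQL01", "incoming", "APP01",  "10.0.2.21", "udp", 1434, "sqlbrowser.exe"),
    ("SQL01", "incoming", "MGMT01", "10.0.9.5",  "tcp", 3389, "svchost.exe"),
    ("SQL01", "outgoing", "DC01",   "10.0.0.10", "tcp", 389,  "lsass.exe"),
    ("SQL01", "outgoing", "DC01",   "10.0.0.10", "udp", 53,   "svchost.exe"),
]

# Ports whose observed use should be confirmed with the VM owner before being
# baked into an allow rule (assumed list; adjust to the environment).
REVIEW_PORTS = {22, 3389, 445, 5985, 5986}


@dataclass(frozen=True)
class Rule:
    direction: str        # "incoming" or "outgoing", relative to the VM
    action: str           # "allow" or "deny"
    protocol: str         # "tcp", "udp" or "any"
    peer: str             # remote IP, or "any"
    port: Optional[int]   # port on the VM (incoming) or on the peer (outgoing); None = any
    note: str


def build_rules(vm, deps):
    """Turn the observed dependencies for `vm` into explicit allow rules plus a default deny per direction."""
    peers_by_key = defaultdict(set)
    for row_vm, direction, _peer_vm, peer_ip, proto, port, proc in deps:
        if row_vm != vm:
            continue
        # Several peers hitting the same service collapse to one key with many peers.
        peers_by_key[(direction, proto, port, proc)].add(peer_ip)
    rules = []
    for (direction, proto, port, proc), peers in sorted(peers_by_key.items()):
        for peer in sorted(peers):
            rules.append(Rule(direction, "allow", proto, peer, port, f"observed by VIN; process {proc}"))
    # Whatever VIN did not see is denied; that is the point of building rules from the map.
    rules.append(Rule("incoming", "deny", "any", "any", None, "default deny"))
    rules.append(Rule("outgoing", "deny", "any", "any", None, "default deny"))
    return rules


def needs_review(rules):
    """Allow rules on admin ports: VIN shows what *was* talking, not what *should* be."""
    return [r for r in rules if r.action == "allow" and r.port in REVIEW_PORTS]


def render(rule):
    """One human-readable line per rule; list order is first-match-wins order."""
    port = "any" if rule.port is None else str(rule.port)
    if rule.direction == "incoming":
        return f"{rule.action} {rule.direction} {rule.protocol} from {rule.peer} to port {port}  # {rule.note}"
    return f"{rule.action} {rule.direction} {rule.protocol} to {rule.peer} port {port}  # {rule.note}"


if __name__ == "__main__":
    rules = build_rules("SQL01", DEPENDENCIES)
    for r in rules:
        print(render(r))
    for r in needs_review(rules):
        print("REVIEW:", render(r))
```

With the sample rows this yields seven allow rules (three peers on TCP 1433, one on UDP 1434, one on RDP, and two outgoing to the domain controller) followed by the two default denies; the RDP rule is the one flagged for review. If Navigator's export were fed in as CSV, the loader would replace the constructed list and the rest stays the same.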

  1. Hi Hugo. Agree VIN is a good product, but it needs the ability to export a lot of the captured info. Exporting an image or even a CSV isn’t exactly useful in many situations, especially if you had to report on all those connections. Nonetheless, it’s better to have something like VIN.

    • Hi David, I totally agree they do need to improve on the export ability. I do think @lamW has written a post on this before about exporting some of the information. Need to google that.

      Hugo.

      • I remember the article. It seems the product hasn’t had much love recently; hopefully it gets updated reporting-wise…

        David
