Configuring the vGW Series Multi-Center Feature

This topic explains how to configure the Multi-Center feature to synchronize the vGW Security Design VM configuration of a master center to other vGW Security Design VM installations that are connected to different vCenters. The secondary vGW Security Design VM installations are referred to as delegate centers.

You can configure one or more delegate centers. You can select the objects whose configuration is synchronized from the master to a delegate center.

To create a delegate center, you import the OVA, and connect the vGW Security Design VM to the vCenter it is intended to manage. For details on importing the OVA, see Using the OVA Bundled Method to Integrate the vGW Series with the VMware Infrastructure and Using the OVA Single File Method to Integrate the vGW Security VM with VMware.

To configure the Multi-Center feature, you use the Application Settings section of the Settings module. Objects that you synchronize to delegate centers are viewed as global objects from the perspective of the delegate center. As administrator of the master vGW Security Design VM, when you add a new delegate center configuration, you designate the objects that are synchronized to it.

Before you read this topic, read Understanding the Multi-Center Feature.

To add a delegate center to the Multi-Center configuration:

  1. From the master (primary) center, Settings module Application Settings section, select Multi-Center.
  2. At the bottom Multi-Center Configuration pane, click Add.

    The Delegate Center Configuration (Add) pane is displayed.

  3. In the Name field, specify a name for the configuration that represents the delegate center.
  4. In the Hostname/IP field, enter the host name or the IP address of the delegate center.
  5. In the User ID and Password fields, enter the delegate center’s authentication information.
  6. Select the objects to be synchronized.
    • Check Select All, if you want the state of all of the objects in the list to be synchronized from the master vGW Security Design VM to the delegate center that you are defining.
    • If you want only some of the objects to be synchronized from the master vGW Security Design VM to the delegate center, in the Synchronize Objects section select the check box before each object to be synchronized.
      • Global Policy
      • Default Policy
      • Quarantine Policy
      • Policy Groups
      • Monitoring Groups
      • Networks
      • External Machines
      • IDS Signatures
      • Compliance
      • AntiVirus Settings

When you first configure a delegate center, you must identify the delegate center’s certificate.

Warning: If a backup file is created when a delegate center is already configured, the following condition and actions apply: When the master vGW Security Design VM is restored from a backup file, you must save the entries for the delegate vGW Security Design VM centers that are displayed in the master vGW Security Design VM’s Multi-Center table after restoring the backup file. To do so, select the row entry for each delegate center, and press Save.

Before you save the entry for a delegate center, it indicates that the delegate center and the master vGW Security Design VM never communicated. However, the master vGW Security Design VM has the correct delegate center IP address, and both the master and the delegate centers have each others certificates.

