About the vGW Security Design VM Tree

You use the VM tree in conjunction with the vGW Security Design VM modules. The VM tree lets you select virtual machines (VMs) to focus on, configure, and view information about.

You can select a group of VMs or an individual VM in the VM tree either by clicking its name or using the filter box. Figure 37 shows VMs belonging to three groups.

Figure 37: VM Tree with Selected VMs

VM Tree with Selected VMs

See Understanding the vGW Security Design VM Taskbar.

VM Tree Overview

In conjunction with the selected vGW Security Design VM module, the VM tree controls the information displayed in the pane beside it. You can select all VMs in the tree, groups of VMs, or a single VM. When you select a module using the taskbar, that module’s content appears as it applies to the VMs that you selected in the VM tree. The module controls the type of information that appears; the tree controls the VMs whose information appears. The combined selections allow you to configure or view information for that module as it pertains to the VMs. For example, to view network traffic for all machines, select All Machines in the tree, and then click the Network icon in the taskbar.

The VM tree contains the following main groups:

Table 4 identifies the icons that show the state of monitored VMs.

Table 4: Virtual Machine State Icons

The VM is being fully monitored, but it is not secured. For example, no firewall policy is loaded.

The VM or the externally defined machine is not being monitored, and it has not been moved to a network secured by vGW Series.

Note: Network reports can display sessions between an unmonitored system and a monitored VM.

vGW Series cannot determine the IP address of the machine. This could be because it is powered down, suspended, or does not have VMware Tools installed.

Tip: You can manually define an IP address by selecting the Settings module’s vGW Application Settings > Machines.

The VMs are compliant.

The VMs are not compliant.

This is a VMware component. For example, it is an ESX/ESXi host.

Locating VMs in a Complex VM Tree

Locating VMs in the VM tree can become difficult as the VM tree grows in complexity. To simplify the process and make it easier to find specific VMs, the VM tree provides a filter with advanced capabilities. You can enter in the filter box a text string that matches VM names within the tree. As you enter the text, the vGW dynamically searches the tree for any matches.

Note: An x icon is shown at the right side of the search field as the filter is being applied. You can use it to clear the filter.

As the filter is applied, the tree is expanded to show matching VMs. You do not need to expand all groups in the tree to find them. Branches in the tree that do not contain matches are collapsed.

You can use the Advanced Filter Editor feature to search the VM tree based on attributes rather than by name.

To use the advanced filter, click the icon at the left side of the search filter. This displays the Advanced Filter Editor shown in Figure 38.

Figure 38: Searching All VMs in the VM Tree Using the Advanced Editor

 Searching All VMs in the VM Tree Using
the Advanced Editor

You can search based on data such as the portgroup, VLAN, and the IP protocol family using attributes such as vi.portgroup, vi.vlan, vi.ipv4, and vi.ipv6. You can also search for VMs by name. See Figure 39.

Figure 39: Searching for Specific VMs in the VM Tree Using the Advanced Editor

Searching for Specific VMs in the VM Tree
Using the Advanced Editor

To remove the filter and collapse the branches, click the x icon to the right of the filter.

Related Documentation