Understanding the vGW Series Architecture

vGW Series is a fault-tolerant, service provider and enterprise-grade security solution that is purpose-built for the virtualized environment. It secures virtual machines (VMs) and also protects the hypervisor. When it is deployed into the VMware environment and the vGW Security VM is installed on a VMware ESX/ESXi host, the vGW kernel module (vGW engine) is loaded into the host’s hypervisor between the virtual network interface card (vNIC) and the virtual switch (vSwitch). The VMware VMsafe module gives vGW Series full protocol inspection of every VM.

vGW Series does not depend on the virtual switching layers for its oversight of VMs. Consequently, whichever vSwitch is used has no bearing on vGW Series. It is compatible with them all.

Note: VMware lets you create abstracted network devices called virtual switches (vSwitches). A vSwitch routes traffic internally between virtual machines and it links to external networks. A vSwitch can be connected to physical switches.

In the VMware virtualized environment, port groups are used to aggregate multiple ports under a common configuration. They serve as an anchor point for virtual machines that connect to labeled networks.

The vGW Security Design VM makes configuration changes in the VMware vCenter automatically. This lowers administrative complexity and reduces the possibility of configuration errors. Figure 1 shows the vGW Series integration with VMware ESX/ESXi hosts and vCenter. Figure 1 also shows that:
