Understanding vGW Series Integration with vCloud Director

The vGW Security Design VM integrates directly with VMware’s vCloud Director to allow vGW Series to retrieve information from vCloud Director about virtual machines (VMs). After you configure vCloud in the vGW Security Design VM, the information about a VM that it acquires can be used to dynamically associate that VM with vGW Series groups and policies that you create.

VMware vCloud Director

VMware’s vCloud Director Infrastructure-as-a-Service solution allows for rapid provisioning of complete virtual software-defined datacenter services. vCloud Director implements pooling, abstraction, and automation of data center services including storage and networking services. Using it, administrators can provision infrastructure without concern for physical hardware configuration.

Although vCloud Director can be used within an enterprise infrastructure, it is commonly used by cloud-based VM hosting providers.

vGW Series and vCloud

The vGW Security Design VM direct integration with vCloud Director allows it to collect information that is associated with a VM in vCloud Director. Information that vGW Series collects includes:

vGW Security Design VM allows you to define Smart Groups used as policies in which VMs that match the Smart Group criteria are dynamically associated with the group, and its policy is applied to them. The vCloud Director information used in a dynamic group is associated with the vcd.tag property. The information appears as comma separated attrname=value pairs with the organization information appearing as the value for the OrgName attribute, such as OrgName=Org1.

For example, you could define a Firewall policy to be assigned to all VMs belonging to a particular organization. If the Smart Group configuration includes that organization, the Smart Group’s policy is applied to the matching VM.

You might define an Introspection Image Enforcer profile that specifies that all VMs running Windows OS that belong to a particular organization must have installed on them all applications installed on a Gold Image that they are compared to. You could also use the information acquired from vCloud Director in configuring AnitVirus scanning.

vGW Series and vCloud Director integration is characterized as follows:

Requirements

For vGW Security Design VM to be able to integrate with vCloud Director and query it for VM inventory and other operations, the account connecting to vCloud Director must have admin privileges.

Related Documentation