| ||||||||||||||||||||||||||||||||
Configure network security policies The three elements of the Security policy are promiscuous mode, MAC address changes, and
forged transmits. |
||||||||||||||||||||||||||||||||
Promiscuous mode eliminates any reception filtering that the virtual network adapter would perform so that the guest operating system receives all traffic observed on the wire. By default, the virtual network adapter cannot operate in promiscuous mode. Although promiscuous mode can be useful for tracking network activity, it is an insecure mode of operation, because any adapter in promiscuous mode has access to the packets regardless of whether some of the packets are received only by a particular network adapter. This means that an administrator or root user within a virtual machine can potentially view traffic destined for other guest or host operating systems. The setting for the MAC Address Changes option affects traffic that a virtual machine receives. The setting for the Forged Transmits option affects traffic that is transmitted from a virtual machine.
|
||||||||||||||||||||||||||||||||
You can override the switch-level settings for individual standard port groups by editing the settings for the port group. Edit Security Policy for a vSphere Standard Switch You can override the switch-level settings for individual standard port groups by editing the settings for the port group. Procedure
Edit the Security Policy for a Distributed Port Group Procedure
|
||||||||||||||||||||||||||||||||
References:
|
||||||||||||||||||||||||||||||||
|