5.5. Configuring Virtual Switch Security
Even though vSwitches and dvSwitches are considered to be "dumb switches"—with the exception of the Nexus 1000V—you can configure them with security policies to enhance or ensure Layer 2 security. For vNetwork Standard Switches, you can apply security policies at the vSwitch or at the port group level. For vNetwork Distributed Switches, you apply security policies only at the dvPort group level. The security settings include the following three options:
Promiscuous Mode
MAC Address Changes
Forged Transmits
Applying a security policy to a vSwitch is effective, by default, for all connection types within the switch. However, if a port group on that vSwitch is configured with a competing security policy, it ...
Get Mastering VMware vSphere™ 4 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.