Implement Data Security in NSX

 
VMware NSX Data Security scans and analyzes data on your Virtual Machines and will report the number of violations detected, as well as what files violated your policy. It essentially provides visibility into any sensitive data that is in your environment. There are a couple prerequisites for Data security: vSphield Endpoint must be installed on the same cluster as Data Security, and an IP Pool defined if you would like to assign a specific address.
 
Step 1. Log into the vSphere Web Client and navigate to Networking & Security -> Installation -> Service Deployments
 
1
 
Step 2. Select the + sign to add a new deployment. Select VMware Data Security then click Next
 
2
 
Step 3. Select the Datacenter and Cluster then hit Next
 
3
 
Step 4. Select the Datastore, Network and IP assignment then click NExt
 
4
 
Step 5. Confirm the settings, then click Finish
 
5
 

7 Comments

  1. mokhtar -  June 12, 2015 - 9:23 am 152

    Dear Sean ,
    Please can you tell me why i will use Data security in Production
    if you have Production case ?

    BR
    Mokhtar,

    Reply
    • Sean Whitney -  June 12, 2015 - 11:17 am 153

      Hi Mokhtar,

      NSX data security allows visibility into sensitive data in your virtual environment. You can use it to scan data on the VMs and report the number of violations detected and the files that violated your policy. I think in the HOL it had examples or torrent software, or viruses.

      Thanks,
      Sean

      Reply
      • Alfonso -  October 21, 2015 - 3:04 pm 302

        HOL-1425 lets you play a little bit with the Trend AV Service for Guest Introspection and Network Instrospetion by steering traffic to their IPS, but it does not tell you anything about the integrated NSX Data Security service.

        I’m having trouble finding good documentation about how Guest Introspection works in detail. Would you happen to have it?

        Thanks.
        Alfonso

        Reply
  2. Rajeev -  May 12, 2016 - 6:49 am 464

    Hi Sean

    What is the purpose of specifying the IP Assignment when enabling Data Security.
    My understanding is that the Guest VM will be already having the IP Address.
    What is the purpose of specifying the additional IP Address.

    Reply
    • Krish -  May 14, 2016 - 1:11 am 466

      VMware Datasecurity & Guest Introspection deploys service VM in every host in the cluster. IP Assignment is for that VM not for guest OS. IT could be from IP Pool or DHCP.

      Reply
      • Rajeev -  September 26, 2016 - 12:12 am 527

        Thanks.
        What is the recommendation regarding the IP Pool which needs to be allocated.
        Is it recommended to provide the IP Pool same as the ESXi host segment or else ?

        Reply

Leave A Comment

Your email address will not be published. Required fields are marked (required):

Back to Top