[c-nsp] Nexus V1000 - Feedback?
Maxwell Reid
max.reid at saikonetworks.com
Tue Jun 9 19:41:25 EDT 2009
The ACL"s on the vswitch/nexus are only part of the security
equation. It's using them in combination with vShield Zones at the
ESX level (new feature of v4) that yields the best results.
~Max
On Jun 9, 2009, at 7:39 AM, Gert Doering wrote:
> Hi,
>
> On Tue, Jun 09, 2009 at 12:12:32PM +0100, Sam Stickland wrote:
>> I notice that in all the Cisco marketing material it talks repeatedly
>> about how the guest's security profile will migrate with the VM.
>> However, as far as I can tell NX-OS only offers non-stateful ACLs
>> and no
>> inspection so I'm not sure it's really that useful?
>
> Well, you need to put this in relation to the "standard" VMware switch
> - which can't do ACLs, and where nothing whatsoever will migrate but
> everything (VLAN setup etc) needs to be properly prepated beforhand
> for VMotion to work...
>
> gert
>
> --
> USENET is *not* the non-clickable part of WWW!
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany gert at greenie.muc.de
> fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list