vShield Edge provides physical firewall and VPN capabilities at the virtualization level. In this recipe, we will configure a vShield edge appliance to pass traffic from our internal network to the DMZ network in a classic firewall scenario. When the edge appliance is configured, it will look like the following figure:
The installation of vShield Edge is accomplished through the vShield Web Console as introduced in Chapter 7, Configuring vShield Manager. A Core Infrastructure Suite (CIS) or vCloud Networking and Security (vCNS) license must be installed prior to installing vShield App and vShield Edge.
Multiple vShield Edge virtual appliances can be installed per data center within vCenter. Each vShield Edge can have as many as ten uplink ports, which allows for load balancing, NAT, and VPN services. vShield Manager must have been previously installed as a prerequisite.
In order to proceed, we require access to vShield App through the vSphere Client plugin...