Free Preparation Discussions
MENU
Palo Alto Networks Exam PSE-SoftwareFirewall Topic 1 Question 19 Discussion
Topic #: 1
A customer in a VMware ESXi environment wants to add a VM-Series firewall and partition an existing group of virtual machines (VMs) in the same subnet into two groups. One group requires no additional security, but the second group requires substantially more security.
How can this partition be accomplished without editing the IP addresses or the default gateways of any of the guest VMs?
Creating a New Virtual Switch:
By creating a new virtual switch, you can segment the network within the ESXi environment. The VM-Series firewall can then be used to provide security controls between these virtual switches using virtual wire mode.
Palo Alto Networks VM-Series Deployment Guide
Moving Guests to New Virtual Switch:
Guests requiring additional security are moved to the new virtual switch, allowing the VM-Series firewall to inspect and control traffic between the switches. This setup does not necessitate changes to the existing IP addresses or default gateways of the VMs.
Palo Alto Networks VM-Series Virtual Wire Mode
Currently there are no comments in this discussion, be the first to comment!