Monitoring vDefend Distributed Firewall Operations

In this short conversation we will talk about monitoring the operations of a vDefend Distributed Firewall implementation.

CuriousTechie: Hello IT Guy! We had a conversation about implementing micro-segmentation here. I began implementing micro-segmentation in our VMware Software Defined Data Center (SDDC) environment using vDefend Distributed Firewall. Multiple engineers work simultaneously to implement the rules and secure their respective applications. I am looking for a way to audit these operations to detect any unintended rule creation, modification or deletion. Can you help me with some pointers to monitor these activities?

ITGuy: In my honest opinion, logs are your best friend when you want to monitor DFW operations. You can very well customize what you want to monitor and how. You can choose dashboards for certain activities and alerts for critical activities.

CuriousTechie: What tools will I need to build these dashboards and alerts?

ITGuy: Some very common ones are vRealize Log Insight, aka Aria Operations for Logs, here, Splunk here, etc. You can use any other log aggregator of your choice to do this.
