Tag: networking

Posted on

Understanding vDefend Firewall Directionality

A brief discussion about understanding directionality in vDefend Firewalls

CuriousTechie: Hello IT Guy! I have been playing around different options of implementing vDefend Distributed Firewalls. I see an option of Direction in the firewall rules (In-Out). Can you help me understand how does that work?

ITGuy: Sure! The direction in the rule is always with context to the VM(workload).

Rule Direction = In = Traffic will be allowed/disallowed to enter the VM = Ingress to the VM

Rule Direction = Out = Traffic will be allowed/disallowed to exit the VM = Egress from the VM

CuriousTechie: Then why do we have the default as In-Out?

Continue reading “Understanding vDefend Firewall Directionality”
Posted on

Understanding ALGs with vDefend Distributed Firewall

A brief discussion about Application Level Gateways and their use with vDefend Distributed Firewall

CuriousTechie: Hello IT Guy! I am implementing Distributed Firewall in my SDDC environment. I have created a DFW rule to allow FTP access on TCP port 21, users are able to login to FTP server but not able to move files around. Can you help me to troubleshoot this issue?

ITGuy: Sure! Can you show me the DFW rule you have created for the FTP access?

CuriousTechie: Here is the rule

ITGuy: The problem is evident! You are using a normal TCP port instead of an ALG.

Continue reading “Understanding ALGs with vDefend Distributed Firewall”