Port Mirroring

kornonthebob · ‎11-14-2008

Good day all,

Sorry if there has been a similar post but I couldnt find any usefull info.

I am trying to run Websense on a esxi, but wesense requires Port mirroring in order to read and block web traffic. Now I discovered I need to enable promiscuous mode which now allows the traffic to be seen and logged by websense, but it cannot block traffic although it seems to think that it is.

So my thinking is that the vSwith does not pass the block command to the physical switch where the actual port mirroring is happening.

So my question is, is there a way to bypass using the vSwitch and assign a physical card to the websense vm so it is attached directly to the physical network?

Please ask me questions if this makes no sense.

Thanks.

NTurnbull · ‎11-14-2008

Websense 6.3 deployment guide

Some Websense article saying that running Websense is supported and link to Websense docs.

EDIT: Oh and no, you cannot assign a specific physical nic to a VM in ESX - well, you can in the way of allocating a nic to a vswitch and only having that VM on the vswitch, but the physical nic characteristics are not seen by anything and apart from that, kinda useless of rmonitoring traffic on a switch if your the only box on the switch.. /EDIT

Thanks,

Neil

Thanks, Neil

atbnet · ‎11-14-2008

No, you can only assign physical NICs to virtual switches.

Andy, VMware Certified Professional (VCP),

If you found this information useful please award points using the buttons at the top of the page accordingly.

Andy Barnes
VCP / VCA-DT / MCITP:EA / CCIA
Help, Guides and How Tos... www.VMadmin.co.uk

If you found this information useful please award points using the buttons at the top of the page accordingly.

kornonthebob · ‎11-16-2008

Thanks for the replies,

Have not got it working yet, but seeing that Websense has docuemntation on the matter I will refer there.

Thanks for the responses.

All

Port Mirroring