This topic describes how to move traffic from your VMware sensor and other physical network artifacts to the USM Anywhere virtual network.
This procedure assumes that you have:
- Allocated a spare NIC on your VMware host to pass the SPAN port traffic from the physical network to the virtual network
- Plugged the spare NIC into a SPAN (mirror) port on your switch
Important: We recommend that you SPAN all internal and DMZ firewall ports. This includes all switch ports to which the firewall internal interfaces connect and the port used by the NIC, to which the VMware host connects.
To configure your virtual network and USM Anywhere
Configure a new standard vSwitch specifically for the Switched Port Analyzer (SPAN) target:
- Select the VMware ESX Host in the vSphere client.
- In the upper-right corner, select Configuration and click Add Networking.
- For the Connection Type, select Virtual Machine.
- Select Create a vSphere standard switch and make sure that the spare NIC is associated with the switch.
In Port Group Properties, create a new Network Label called SPAN Target.
Important: It is important to create a new vSwitch dedicated to the SPAN target. Adding a promiscuous port group to an existing vSwitch may cause instability in the hypervisorA middleman that intercepts hardware calls and converts them into something appropriate. This technique means that you can run multiple OSs simultaneously on one set of hardware..
- Click Properties, located next to the new vSwitch.
- Select the vSwitch and click Edit.
- Set Promiscuous Mode to Accept,and click OK.
- Select the SPAN Target port group and make sure that the default security policy permits promiscuous mode there as well.
Select the Network Adapters tab and make sure that your spare NIC is associated with the vSwitch.
- Click Close in the dialog box.
- Edit the USM Anywhere Sensor virtual machine and add a new Ethernet adapter.
- Associate the adapter with the SPAN Target network and save your changes.
- Connect to the USM Anywhere Sensor VM to open the console.
Select Restart from the system menu.
- Press Enter.