Manualshelf

Virtual Connect Enterprise Manager Quick Start Implementation Guide

ManualsBrandsHP ManualsComputer AccessoriesHP Virtual Connect Flex-10/10D Module for c-Class BladeSystem
61626364656667686970
61
Use Case 3: Using Network Access Groups (NAG)
One of new features introduced in Virtual Connect 3.30 and VCEM 6.3.1 is Network Access Groups
(NAG).
Within VCM, you can define Network Access Groups (NAG) to manage groups of networks. Assigning
networks to a server profile prevents the use of networks outside of an assigned group, or NAG (for
example, in the case of Intranets and Extranets). You associate each server profile with one NAG, but
you can assign multiple server profiles to the same NAG. As a result, you cannot assign a network to a
server profile unless that network is a member of the NAG associated with that server profile.
With NAG, the user can group some networks into a logical Network Access Group (NAG). After that,
when the user assigns a network in the server profile, the user can first pick a NAG already defined in the
LAN settings and then he can only see networks under this NAG and can pick the network from this
range to assign to server port. This feature introduces another layer of security and improves virtual
connect profile security. This improves usability in reducing the chance a system administrator will assign
the wrong networks to server port.
To create a NAG, we need to do it at the individual domain VC manager level, not the VCEM level.
Remember that VCEM will only control server profile operation. For any LAN/SAN configuration change
(including NAG), changes need to be made in VCM. In order to be able to edit in VCM, we need to first
pick a VC domain and put it into “Maintenance” mode. After making the change in VCM, we’ll “complete”
the maintenance mode on the VCEM console. All LAN/SAN configuration will be synched to all
enclosures under the same VCEM domain group.
In this test, we’ll
From VCEM, put VC domain 1 into maintenance mode.
Create two NAGs in VC domain 1 called ESX and Linux. ESX NAG will include all networks
related with ESX deployment and Linux will include all networks related with Linux deployment.
Complete VC domain 1 maintenance mode
Create a server profile in VCEM leveraging the newly created Linux NAG and assign the profile to
a server in enclosure 2
Verify in enclosure 2 VC domain, the profile is rightly defined and applied to the local blade
server.