Release: VMware vShield 4.1

Software Releases, VMware News

Wow, this is a major update for vShield. The new version 4.1 can be downloaded here, and a 60-day evaluation version is also available here. Below is the new feature set, taken from the What's New section of the release notes, for each of the three sub-components:

vShield 4.1 adds new components and usability enhancements.

  • New License-Based Components
    • vShield Edge: vShield Edge provides network edge security and gateway services to isolate the virtual machines in a port group, vDS port group, or Cisco Nexus 1000V. The vShield Edge connects isolated, stub networks to shared (uplink) networks by providing common gateway services such as DHCP, VPN, NAT, and Load Balancing. The key features of vShield Edge are as follows:
      • Stateful Inspection Firewall
        Inbound and outbound connection control with rules based on source and destination IP address and port
      • Network Address Translation
        • IP address translation to/from the virtualized environment
        • Masquerading of virtual datacenter IP addresses to untrusted locations
      • Dynamic Host Configuration Protocol
        • Automatic IP address provisioning to virtual machines in vSphere environments
        • Administrator-defined parameters: address pools, lease times, dedicated IP addresses, etc.
      • Site-to-Site VPN
        • Secure communication between virtual datacenters (or edge security virtual machines)
        • IPsec VPN based on the Internet Key Exchange (IKE) protocol
      • Web Load Balancing
        • Inbound load balancing for all HTTP traffic
        • Round-robin algorithm
        • Support for sticky sessions
      • Port Group Isolation
        • Enforced at hypervisor layer to restrict traffic within a virtual datacenter to specified port groups
        • Same effect as VLANs in virtual or physical switch environments
      • Flow Statistics
        • Virtual datacenter resource utilization metered and attributed back to tenant
        • Statistics accessible through REST APIs and leveraged in service provider chargeback applications
      • Policy Management
        Support for integration with enterprise IT security management tools
    • vShield App: vShield App is an interior, vNIC-level firewall that allows you to create access control policies regardless of network topology. A vShield App monitors all traffic in and out of an ESX host, including between virtual machines in the same port group. vShield App includes traffic analysis and container-based policy creation. The key features of vShield App are as follows:
      • Hypervisor-Level Firewall
        • Inbound/outbound connection control enforced at the virtual NIC level through hypervisor inspection, supporting multihomed virtual machines
        • Ability to enforce based on network, application port, protocol type (TCP, UDP), application type
        • Dynamic protection as virtual machines migrate
        • IP-based stateful firewall and application layer gateway for a broad range of protocols including Oracle, Sun Remote Procedure Call (RPC), Microsoft RPC, LDAP and SMTP
      • Flow Monitoring
        Ability to observe network activity between virtual machines to help define and refine firewall policies, identify botnets and secure business processes through detailed reporting of application traffic (application, sessions, bytes)
      • Security Groups
        Administrator-defined, business-relevant groupings of any virtual machines by their virtual NICs
      • Policy Management
        • Policy enforcement on security groups, vCenter containers, and TCP 5 tuple (source IP, destination IP, source port, destination port, protocol)
        • Programmable interface for management and policy enforcement using REST APIs
        • Support for integration with enterprise security management tools
    • vShield Endpoint: vShield Endpoint delivers an introspection-based antivirus solution. vShield Endpoint uses the hypervisor to scan guest virtual machines from the outside without a bulky agent. vShield Endpoint is efficient in avoiding resource bottlenecks while optimizing memory use. The key features of vShield Endpoint are as follows:
      • Antivirus and Anti-Malware Offloading
        • File scanning and other tasks are offloaded from virtual machines to a security virtual machine.
        • VMware Endpoint ESX Module manages communication between virtual machines and the security virtual machine, using introspection at the hypervisor layer.
      • Antivirus and Anti-Malware Service Across Virtual Machines
        Antivirus engine and signature files are only updated within the security virtual machine, but policies can be applied across all virtual machines on a vSphere host.
      • Enforce Remediation
        • Pre-defined policies dictate whether a malicious file should be deleted, quarantined or otherwise handled.
        • vShield Endpoint driver manages file remediation activity within the virtual machine.
      • Partner Integrations
        Integration of vShield Endpoint with security virtual machine solutions from VMware partners is facilitated through VMware EPSEC, which provides a library and API for introspection into file activity at the hypervisor layer.
      • Policy and Configuration Management
        • vShield Manager provides full-featured configuration of vShield Endpoint policies.
        • vCenter activates vShield capabilities on vSphere.
        • REST APIs allow customized integration of vShield Endpoint capabilities into solutions.
  • Usability Enhancements
    • Broader vSphere Client Integration: After registering the vShield Manager as a vSphere Client plug-in, you can use the vSphere Client to install and configure vShield components and features.
    • System Management via REST API: You can install and manage vShield components via REST API. For more information, see the vShield API Programming Guide.
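To make the vShield App policy model described above concrete (security groups built from vNICs, TCP 5-tuple rules, stateful handling of return traffic, and enforcement that does not depend on which host or port group a VM sits in), here is a small Python model. It is an added example written for this page, not code from the release notes or from VMware, and it does not use the vShield Manager REST API; every VM name, IP address, group name and data structure in it is an assumption made for illustration.

```python
"""Toy model of a vNIC-level, security-group-based stateful firewall.

Added example; not code from the vShield release notes or from VMware. It
illustrates the vShield App policy concepts the notes describe: rules written
against administrator-defined security groups (sets of vNICs), TCP 5-tuple
matching, stateful handling of return traffic, enforcement that ignores which
ESX host or port group a VM sits in, and a default-deny result. Every name,
address and data structure here is an assumption made for illustration.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class VNic:
    vm: str
    ip: str
    host: str        # ESX host currently running the VM (irrelevant to policy)
    portgroup: str   # also irrelevant: rules are not tied to network topology


@dataclass
class Rule:
    src: str              # security group name, CIDR, or "any"
    dst: str
    proto: str            # "tcp", "udp" or "any"
    dport: Optional[int]  # None matches any destination port
    action: str           # "allow" or "deny"


@dataclass(frozen=True)
class Flow:
    proto: str
    src_ip: str
    sport: int
    dst_ip: str
    dport: int


class VNicFirewall:
    def __init__(self, groups: Dict[str, List[VNic]], rules: List[Rule]):
        self.groups = groups
        self.rules = rules
        self.established: Set[Tuple] = set()   # 5-tuples of allowed initiators

    def _endpoint_matches(self, spec: str, ip: str) -> bool:
        if spec == "any":
            return True
        if spec in self.groups:   # group membership is by vNIC, not by subnet
            return any(nic.ip == ip for nic in self.groups[spec])
        return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)

    @staticmethod
    def _key(f: Flow) -> Tuple:
        return (f.proto, f.src_ip, f.sport, f.dst_ip, f.dport)

    @staticmethod
    def _reply_key(f: Flow) -> Tuple:
        # The 5-tuple of the flow this packet would be a reply to.
        return (f.proto, f.dst_ip, f.dport, f.src_ip, f.sport)

    def evaluate(self, flow: Flow) -> str:
        """Return "allow" or "deny" for a packet seen at a vNIC."""
        # Stateful inspection: replies to an established flow need no rule.
        if self._reply_key(flow) in self.established:
            return "allow"
        for rule in self.rules:           # first match wins
            if rule.proto not in ("any", flow.proto):
                continue
            if rule.dport not in (None, flow.dport):
                continue
            if not self._endpoint_matches(rule.src, flow.src_ip):
                continue
            if not self._endpoint_matches(rule.dst, flow.dst_ip):
                continue
            if rule.action == "allow":
                self.established.add(self._key(flow))
            return rule.action
        return "deny"                     # implicit default deny

    def vmotion(self, nic: VNic, new_host: str) -> None:
        """Migrate a VM; group membership and rules are untouched."""
        nic.host = new_host


def build_demo() -> Tuple[VNicFirewall, VNic, VNic]:
    # Constructed sample: web and db VMs share one port group and subnet, so a
    # switch- or VLAN-level control could not separate them.
    web01 = VNic("web01", "10.0.1.10", "esx01", "pg-app")
    db01 = VNic("db01", "10.0.1.20", "esx01", "pg-app")
    groups = {"web-tier": [web01], "db-tier": [db01]}
    rules = [
        Rule("any", "web-tier", "tcp", 443, "allow"),
        Rule("web-tier", "db-tier", "tcp", 3306, "allow"),
        Rule("any", "any", "any", None, "deny"),
    ]
    return VNicFirewall(groups, rules), web01, db01


if __name__ == "__main__":
    fw, web01, db01 = build_demo()
    print(fw.evaluate(Flow("tcp", "192.0.2.5", 50000, "10.0.1.10", 443)))   # allow
    print(fw.evaluate(Flow("tcp", "10.0.1.10", 40000, "10.0.1.20", 3306)))  # allow
    print(fw.evaluate(Flow("tcp", "10.0.1.20", 3306, "10.0.1.10", 40000)))  # allow (reply)
    print(fw.evaluate(Flow("tcp", "10.0.1.20", 40001, "10.0.1.10", 22)))    # deny (same port group)
```

Run it directly to see the four verdicts. The cases worth noting are the deny between two VMs in the same port group, which a VLAN-based control could not express, the reply packet that is allowed only because the initiating 5-tuple was recorded (an unsolicited packet from the same source port is still denied), and the flow that stays allowed after `vmotion()` moves the web VM to another host, since nothing in the rule lookup consults the host or port group.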

5 Responses to “Release: VMware vShield 4.1”

  1. Tom Says:

    Once again VMware ignores the SMB market by creating a product financially beyond the reach of all but the Fortune 500.

  2. Pre-Keynote Product Announcements | Blue Shift Says:

    [...] VMware vShield 4.1 — Big stuff here.  Edge services, load balancing, anti-virus and more [...]

  3. Matt Van Mater Says:

    I agree with Tom… these are fantastic features that I’ve been wanting in ESXi for a long time, but the pricing is absolutely ridiculous.

    You could accomplish a LOT of the same functionality by placing something like pfSense (really nice FreeBSD and OpenBSD based firewall) in front of your VM enclaves. VMware vShield seems to make the process a little simpler and more convenient, but it just isn’t worth the price.

  4. Tom Says:

    Would be good to see people write tutorials etc. about using things like pfSense and Vyatta to protect VMs in SMB environments etc.

  5. The VMguy Says:

    Preaching to the choir guys. @ $4,688 for a 25 pack of just vShield App (not to mention the other two) that’s $187.52 per VM. That’s a lot of firewall costs. I think it will drop in time. CapacityIQ was ~1,200 per CPU when it first came out then dropped to $295 because vKernel competed with it at a completely different price point. Hopefully we can see some competition in the security space like we did for capacity planning.
    Unfortunately, security software tends to be expensive because when a company needs it, they really need it.
