You are here: Configure Virtual Switches > Platforms > VMWare ESXi 5.5

TOC & Recently Viewed

Recently Viewed Topics

VMWare ESXi 5.5

Configuring the virtual switch provided with VMware ESXi for monitoring uses a port group set for promiscuous mode. Only attach VMs to this port group that will be used to monitor the traffic. Any VM using this port group has the ability to monitor all traffic.

Configure the ESX Management Portal

The following steps are performed on the ESX Management Portal.

  1. Log in to the ESX management portal and navigate to the Configuration tab for the ESXi host.
  2. From the Hardware list, select Networking. Click Properties.

  3. Under the Ports tab, click Add to create a new port group.

  4. Select Virtual Machine.

  5. Click Next.
  6. Set a descriptive name for the new port group and a VLAN ID, if desired. Setting the VLAN ID to 4095 utilizes the special VMware VLAN to monitor all other VLANs.

  7. Click Next and then Finish. You return to the Properties page.
  8. Select your new port group and click Edit.

  9. On the port group properties page, select the Security tab and click on the checkbox next to Promiscuous Mode.
  10. From the drop-down menu select Accept.

  11. Click OK.

Configure the PVS VM

The following steps are performed on the Properties tab of the PVSPassive Vulnerability Scanner VM within the VM platform. For further guidance on configuring PVS please refer to the PVS User Guide available on the Tenable Support Portal.

  1. Navigate to the Properties tab of the PVS VM within the VM Platform.

  2. In the Properties area of the adapter settings, set the network connection’s Network Label field to the newly created port group.

  3. Click OK.
  4. Start the PVS VM and configure the PVS to use the promiscuous network adapter for monitoring.
  5. Start (or restart) the PVS service with the new settings. Network traffic on the virtual switch is now collected by the PVS.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.