VLAN tagging enables you to provide additional security when you have customers accessing applications on a shared grid.
For example, a host provider may have several customers who are on separate VLANs for security purposes and they need to access an application on a grid.
To enable the customer to access the application, the grid must be on the same VLAN as the customer's VLAN.
VLAN tagging support allows hosting providers to assign VLAN IDs to their applications on a shared grid. Typically a gateway appliance is used. This ensures only customers on that VLAN can access the application.
Once you configure the external switch with a VLAN ID, you can assign a VLAN ID to any appliance with an external interface. All external traffic for that appliance must be on the specified VLAN (for both incoming and outgoing network traffic). A VLAN ID property can be created on the application boundary and then redirect all appliances with external interfaces to the VLAN ID property in the application boundary.
In addition, a VLAN ID may be assigned to an entire grid as needed. Once the default VLAN ID is set for a grid, the build system assigns this default VLAN ID to every component with an external interface within the grid.
To configure your application to use VLAN, perform the following steps:
To verify the VLAN ID, access the Network Resources section of the grid dashboard.
The VLAN ID must be within the range of VLAN IDs specified when creating the grid. For information about specifying the VLAN ID ranges, refer to the BFC User Guide.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|