You apply networking policies differently on vSphere Standard Switches and vSphere Distributed Switches. Not all policies that are available for a vSphere Distributed Switch are also available for a vSphere Standard Switch.

Table 1. Virtual Switch Objects Where Policies Apply

Virtual Switch

Virtual Switch Object

Description

vSphere Standard Switch

Entire switch

When you apply policies on the entire standard switch, the policies are propagated to all standard port groups on the switch.

Standard port group

You can apply different policies on individual port groups by overriding the policies that are inherited from the switch.

vSphere Distributed Switch

Distributed port group

When you apply policies on a distributed port group, the policies are propagated to all ports in the group.

Distributed port

You can apply different policies on individual distributed ports by overriding the policies that are inherited from the distributed port group.

Uplink port group

You can apply policies at uplink port group level, and the are policies are propagated to all ports in the group.

Uplink port

You can apply different policies on individual uplink ports by overriding the policies that are inherited from the uplink port group.

Table 2. Policies Available for a vSphere Standard Switch and vSphere Distributed Switch

Policy

Standard Switch

Distributed Switch

Description

Teaming and failover

Yes

Yes

Lets you configure the physical NICs that handle the network traffic for a standard switch, standard port group, distributed port group, or distributed port. You arrange the physical NICs in a failover order and apply different load balancing policies over them.

Security

Yes

Yes

Provides protection of traffic against MAC address impersonation and unwanted port scanning. The networking security policy is implemented in Layer 2 of the networking protocol stack.

Traffic shaping

Yes

Yes

Lets you restrict the network bandwidth that is available to ports, but also to allow bursts of traffic to flow through at higher speeds. ESXi shapes outbound network traffic on standard switches and inbound and outbound traffic on distributed switches.

VLAN

Yes

Yes

Lets you configure the VLAN tagging for a standard or distributed switch. You can configure External Switch Tagging(EST), Virtual Switch Tagging (VST), and Virtual Guest Tagging (VGT).

Monitoring

No

Yes

Enables and disables NetFlow monitoring on a distributed port or port group.

Traffic filtering and marking

No

Yes

Lest you protect the virtual network from unwanted traffic and security attacks or apply a QoS tag to a certain traffic type.

Resources allocation

No

Yes

Lets you associate a distributed port or port group with a user-defined network resource pool. In this way, you can better control the bandwidth that is available to the port or port group. You can use the resource allocation policy with vSphere Network I/O Control version 2 and 3.

Port blocking

No

Yes

Lets you selectively block ports from sending and receiving data.