What security feature allows only specific virtual machines to connect to the same port group on a virtual switch?

Private VLANs are a feature that enhances the security and isolation of virtual machines within a virtual switch. By using private VLANs, you can define specific rules that limit connectivity between virtual machines on the same port group. This means that not all virtual machines connected to a particular port group can communicate with each other, allowing for finer control over network access. This is particularly useful in multi-tenant environments or when certain VMs should operate in isolation from one another while still being part of the same broader network segment.

In contrast, port mirroring is primarily used for monitoring and capturing traffic rather than security. MAC address filtering could limit the devices that can connect based on their MAC addresses, but it does not segment traffic within the same VLAN effectively. Traffic shaping is focused on managing bandwidth and controlling the flow of traffic rather than on security and access control. Therefore, private VLANs are the appropriate solution for restricting access between virtual machines within the same port group on a virtual switch.