: Deploy the VM-Series Firewall on Alibaba Cloud
Focus
Focus

Deploy the VM-Series Firewall on Alibaba Cloud

Table of Contents
End-of-Life (EoL)

Deploy the VM-Series Firewall on Alibaba Cloud

Learn how to use the Alibaba Cloud console to create the networks to deploy the VM-Series firewall with multiple interfaces.
The VM-Series firewall assumes a minimum of three interfaces: management, untrust, and trust. When you create an Alibaba Cloud VPC, it is logically isolated. To segment your virtual private network into subnets you create VSwitches, each having its own CIDR block. Because the VM-Series firewall has multiple interfaces, it can inspect traffic on all subnets.
Typically external inbound traffic encounters the VM-Series firewall untrust interface. The firewall inspects the inbound traffic and sends it to an application through the trust interface. Return traffic from the application goes to the firewall’s trust interface. The firewall inspects the return traffic and sends it out through the untrust interface.
The following tasks demonstrate how to use the console to create the VM-Series firewall infrastructure.