Planning Worksheet for the VM-Series in the AWS VPC
For ease of deployment, plan the subnets within the VPC and the EC2 instances that you want to deploy within each subnet. Before you begin, use the following table to collate the network information required to deploy and insert the VM-Series firewall into the traffic flow in the VPC:
Subnet (public) CIDR
Subnet (private) CIDR
Subnet (public) Route Table
Subnet (private) Route Table
VM-Series firewall behind ELB
EC2 Instance 1 (VM-Series firewall)
An EIP is only required for the dataplane interface that is attached to the public subnet.
Mgmt interface IP:
Mgmt interface EIP:
Dataplane interface eth1/1
Dataplane interface eth1/2
EC2 Instance 2 (Application to be secured)
Repeat these set of values for additional application(s) being deployed.
Mgmt interface IP:
Dataplane interface 1
Requirements for HA
If you are deploying the VM-Series firewalls in a high availability (active/passive) configuration, you must ensure the following:
Do not attach additional dataplane interfaces to the passive firewall in the HA pair. On failover, the dataplane interfaces from the previously active firewall are moved —detached and then attached—to the now active (previously passive) firewall.
Use Case: Secure the EC2 Instances in the AWS Cloud
Use Case: Secure the EC2 Instances in the AWS Cloud In this example, the VPC is deployed in the 10.0.0.0/16 network with two /24 subnets: ...
AWS Terminology This document assumes that you are familiar with the networking and configuration of the AWS VPC. In order to provide context for the ...
Deploy the VM-Series Firewall from Google Cloud Launcher
Use Google® Cloud Platform Marketplace to deploy the VM-Series firewall with a minimum of three interfaces (Management, Trust, and Untrust). ...
Launch the VM-Series Firewall on AWS
Launch the VM-Series Firewall on AWS If you have not already registered the capacity auth-code that you received with the order fulfillment email, with your ...
Prepare to Set Up the VM-Series Firewall on Google Public Cloud
Prepare to set up a VM-Series firewall on Google Cloud Platform, configure your Google accounts access (including the SSH key pair), plan VPC networks, and ...
Customize the Firewall Template Before Launch (v2.0 and v2.1)
Lists the settings you can modify before you launch the template ...
About the VM-Series Firewall on AWS
About the VM-Series Firewall on AWS The Amazon Web Service (AWS) is a public cloud service that enables you to run your applications on a ...
Deployments Supported on AWS
Deployments Supported on AWS The VM-Series firewall secures inbound and outbound traffic to and from EC2 instances within the AWS Virtual Private Cloud ( VPC ...
Use the VM-Series Firewall CLI to Swap the Management Interface
Use the VM-Series Firewall CLI to Swap the Management Interface If you did not swap the management interface (MGT) with the dataplane interface (ethernet 1/1) ...