Deploy the VM-Series Firewall on Cisco ENCS

Deploy the VM-Series firewall from NFVIS.
Before you begin to deploy the firewall, make sure that you have created network connections for management access to the VM-Series firewall. If you are using Panorama, ensure that Panorama has management connectivity to the firewall.
  1. Deploy the VM-Series firewall.
    1. In Enterprise NFVIS, click
      VM Life Cycle
      Deploy
      .
    2. Drag the firewall icon to the appropriate network. In this example, the firewall connects to a management network and a LAN network.
      encs-deploy.png
    3. Deploy
      the VM-Series firewall.
      If you are using Panorama to manage the firewall, the firewall displays as
      Connected
      on
      Panorama
      Managed Devices
      Summary
      . If the firewall is not connected to Panorama, check that you have provided the correct Panorama IP address and that the devices can communicate over the network.
      encs-pano-connect.png
  2. Configure the VM-Series firewall dataplane interfaces.
    See configure a Layer 3 interface, configure a Layer 2 interface, or configure virtual wires. If using Panorama, the following steps show you how to configure the firewall for a Layer 3 deployment.
    1. Add a template and assign the firewall to the template.
    2. Select the
      Network
      and in the Template drop-down, select the template you created.
    3. Select
      Network
      Interfaces
      Ethernet
      .
    4. Click
      ethernet 1/1
      and configure as follows:
      • Set
        Interface Type
        to
        Layer3
        .
      • On the
        Config
        tab, assign the interface to the default router.
      • Also on the
        Config
        tab, expand the
        Security Zone
        drop-down and select
        New Zone
        . Define a new zone called
        UnTrust
        for example, and then click
        OK
        .
      • On the
        IPv4
        tab, select
        DHCP Client
        or
        Static
        . If you choose static, enter the IP address.
      encs-layer3-config.png
    5. Repeat b-e for each network interface.
    6. Commit
      Commit and Push
      to commit all configuration changes to Panorama and the managed firewalls.
      Verify that the link state for the firewall interfaces is up.
      encs-pano-commit.png
  3. Configure Security policies to safely enable applications and users on your network.
    If using Panorama, the following steps show you how to use device groups to centrally manage policy rules for your managed firewalls.
    1. Add a device group and assign the managed firewalls to your device group.
      encs-dev-group.png
    2. Configure the security policies for the device group.
  4. Verify that the VM-Series firewall is securing traffic on your network.

Recommended For You