To enable applications safely, block known and unknown
threats, and to keep pace with changes in your environment, you
can deploy the VM-Series firewall on vCloud Air with Layer 3 interfaces
in the following ways:
Secure the virtual data center perimeter
the VM-Series firewall as a virtual machine that connects isolated
and routed networks on vCloud Air. In this deployment the firewall
secures all north-south traffic traversing the infrastructure on
Set up a hybrid cloud
—Extend your data center and
private cloud into vCloud Air and use a VPN connection to enable
communication between the corporate network and the data center.
In this deployment, the VM-Series firewall uses IPSec to encrypt
traffic and secure users accessing the cloud.
Secure traffic between application subnets in the vDC
improve security, segment your network and isolate traffic by creating
application tiers, and then deploy the VM-Series firewall to protect
against lateral threats between subnets and application tiers.
The following illustration combines all three deployments scenarios
and includes Panorama. Panorama streamlines policy updates, centralizes
policy management, and provides centralized logging and reporting.