Latest

Part 2: Understanding the Versa Firewall Deployment

Understanding the Versa Firewall Deployment

As a network administrator, you understand the importance of securing your network against cyber threats. That's why you need a robust firewall solution with SDWAN that can effectively manage and control the traffic that enters and exits your network. 

Enter the Versa Firewall deployment, that provides a range of deployment options to keep your network safe and secure.

Fig 1.1- Understanding the Versa Firewall Deployment

Virtual-wire Deployment

 The Virtual-wire deployment mode is like a "bump in the wire" that sits between the physical wire and the network. Think of it like a virtual cord that connects both ends of a cut wire. The Versa FlexVNF emulates this virtual wire by configuring two interfaces as an inline pair, allowing traffic to flow through without any interruptions or delays. 

With the Virtual-wire deployment mode, you can implement security policies on traffic that enters and exits the firewall using the interface.

Layer2 Deployment

If you require VLAN support, the Layer2 deployment mode is the way to go. With Versa FlexVNF's support for VLAN-based sub-interface, you can create multiple sub-interfaces that map to a specific VLAN ID. 

These sub-interfaces identify the traffic for each tenant hosted on the FlexVNF. By configuring the VLAN tags appropriately, you can ensure that traffic flows seamlessly between the sub-interfaces and the corresponding VLAN IDs.

Layer3 Deployment

The Layer3 deployment mode is ideal for routed or Layer 3 interfaces. Each PNIC/VNIC is configured with an IP address, and based on the routing configuration, the traffic from the tenant is forwarded to the interfaces on Versa FlexVNF. 

Versa FlexVNF supports several routing instances or virtual routing functions (VRFs) and can handle static routing, BGP (Border Gateway Protocol), and OSPF (Open Shortest Path First). 

This mode enables you to apply security policies to traffic that enters Versa FlexVNF and route it to the next hop, only if the security policy allows the traffic to be forwarded.

Versa Firewall Deployment Options

As you can see, the Versa Firewall provides a range of deployment options to suit your network's specific needs. Whether you need a Virtual-wire deployment mode, Layer2 deployment mode, or Layer3 deployment mode, Versa FlexVNF has got you covered. 

You can install Versa Firewall as a bare metal or virtual machine, and the security policies are applied to the traffic that enters Versa Firewall using either the physical network interface (PNICs) or the virtual network interfaces (VNICs).

Additionally, Versa Firewall is capable of natively recognizing VLAN tags for incoming traffic and adding appropriate VLAN tags to the outbound traffic. With Versa Firewall, you can rest easy knowing that your network is secure, and your data is protected from cyber threats.