Running FlexEdge Secure SD-WAN Engines as Master FlexEdge Secure SD-WAN Engines
There are some hardware requirements and configuration limitations when you use an Secure SD-WAN Engine as a Master Secure SD-WAN Engine.
Running the Secure SD-WAN Engine as a Master Secure SD-WAN Engine does not require a third-party virtualization platform. When you run Secure SD-WAN Engine as a Master Secure SD-WAN Engine, the Secure SD-WAN Engine hardware provides the virtual environment and resources for the hosted Virtual Secure SD-WAN Engines. You must always install the Secure SD-WAN Engine software on a hardware device to run the Secure SD-WAN Engine as a Master Secure SD-WAN Engine.
You can run Master Secure SD-WAN Engines on the following types of hardware platforms:
- Purpose-built Secure SD-WAN Engine appliances with 64-bit architecture
- Third-party hardware with 64-bit architecture that meets the hardware requirements
For information about system requirements, see the Release Notes.
- Each Master Secure SD-WAN Engine must run on a separate 64-bit physical device.
- All Virtual Secure SD-WAN Engines hosted by a Master Secure SD-WAN Engine or Master Secure SD-WAN Engine cluster must have the same role and the same Failure Mode (fail-open or fail-close).
- Master Secure SD-WAN Engines can allocate VLANs or interfaces to Virtual Secure SD-WAN Engines. If the Failure Mode of the Virtual IPS engines or Virtual Layer 2 Engines is Normal (fail-close) and you want to allocate VLANs to several engines, you must use the Master Secure SD-WAN Engine cluster in standby mode.