Master NGFW Engine and Virtual NGFW Engine configuration overview

Virtual NGFW Engines are logically separate virtual engine instances on a physical engine device. A Master NGFW Engine is a physical engine device that provides resources for Virtual NGFW Engines. One physical Master NGFW Engine can support multiple Virtual NGFW Engines.

Little configuration is done directly on the Master NGFW Engine. No installation or configuration is done on the Virtual NGFW Engines. Most of the configuration is done using the Management Client. The engines cannot be successfully installed before defining them in the Management Client as outlined in this section.

The tasks you must complete are as follows:
  1. Add Master NGFW Engine elements.
    1. Add Virtual Resource elements.
    2. Add physical interfaces and optionally VLAN interfaces to the Master NGFW Engine.
    3. Assign Virtual Resources to the interfaces that are used by the Virtual NGFW Engines hosted on the Master NGFW Engine.
  2. Add Virtual Firewall, Virtual IPS, or Virtual Layer 2 Firewall elements.
    1. Configure the automatically created physical interfaces.
    2. (Optional) Add VLAN interfaces for the Virtual NGFW Engines.
  3. Bind licenses to specific nodes of the Master NGFW Engine.