Master NGFW Engines and Virtual NGFW Engines
Master NGFW Engines are physical devices that provide resources for multiple Virtual NGFW Engines.
Any
NGFW Engine that has a license that allows the creation of Virtual Resources can be used as a Master NGFW Engine. Virtual NGFW Engines are represented by the following elements in the
SMC:
- Virtual Firewall is a Virtual NGFW Engine in the Firewall/VPN role.
- Virtual IPS engine is a Virtual NGFW Engine in the IPS role.
- Virtual Layer 2 Firewall is a Virtual NGFW Engine in the Layer 2 Firewall role.
Each Master NGFW Engine can only host one Virtual NGFW Engine role. To use more than one Virtual NGFW Engine role, you must create a separate Master NGFW Engine for each Virtual NGFW Engine role. Each Master NGFW Engine must be on a separate physical Master NGFW Engine device.