Citrix Systems 4.2 Server User Manual


 
External Guest Firewall Integration for Cisco VNMC (Optional)
167
Public Interface. The name of the public interface on the SRX. For example, ge-0/0/2. A ".x" at
the end of the interface indicates the VLAN that is in use.
Private Interface: The name of the private interface on the SRX. For example, ge-0/0/1.
Number of Retries: The number of times to attempt a command on the SRX before failing. The
default value is 2.
Timeout (seconds): The time to wait for a command on the SRX before considering it failed.
Default is 300 seconds.
Public Network: The name of the public network on the SRX. For example, trust.
Private Network: The name of the private network on the SRX. For example, untrust.
Capacity: The number of networks the device can handle
Dedicated: When marked as dedicated, this device will be dedicated to a single account. When
Dedicated is checked, the value in the Capacity field has no significance implicitly, its value is 1.
19. Click OK.
20. Click Global Settings. Set the parameter external.network.stats.interval to indicate how often you
want CloudPlatform to fetch network usage statistics from the Juniper SRX. If you are not using
the SRX to gather network usage statistics, set to 0.
14.5.3. External Guest Firewall Integration for Cisco VNMC
(Optional)
Cisco Virtual Network Management Center (VNMC) provides centralized multi-device and policy
management for Cisco Network Virtual Services. You can integrate Cisco VNMC with CloudPlatform
to leverage the firewall and NAT service offered by ASA 1000v Cloud Firewall. Use it in a Cisco Nexus
1000v dvSwitch-enabled cluster in CloudPlatform. In such a deployment, you will be able to:
Configure Cisco ASA 1000v firewalls. You can configure one per guest network.
Use Cisco ASA 1000v firewalls to create and apply security profiles that contain ACL policy sets for
both ingress and egress traffic.
Use Cisco ASA 1000v firewalls to create and apply Source NAT, Port Forwarding, and Static NAT
policy sets.
CloudPlatform supports Cisco VNMC on Cisco Nexus 1000v dvSwich-enabled VMware hypervisors.
14.5.3.1. Using Cisco ASA 1000v Firewall, Cisco Nexus 1000v dvSwitch,
and Cisco VNMC in a Deployment
14.5.3.1.1. Guidelines
Cisco ASA 1000v firewall is supported only in Isolated Guest Networks.
Cisco ASA 1000v firewall is not supported on VPC.
Cisco ASA 1000v firewall is not supported for load balancing.