Introduction
The VSX Administration Guide describes the Virtual System eXtension product that runs several virtual firewalls on the same hardware.
Each Virtual System works as a Security Gateway, typically protecting a specified network. When packets arrive at the VSX Gateway, it sends traffic to the Virtual System protecting the destination network. The Virtual System inspects all traffic and allows or rejects it according to rules defined in the security policy.
In order to better understand how virtual networks work, it is important to compare physical network environments with their virtual (VSX) counterparts. While physical networks consist of many hardware components, VSX virtual networks reside on a single configurable VSX Gateway or cluster that defines and protects multiple independent networks, together with their virtual components.
Example Physical Network Topology
In a typical deployment with multiple Security Gateways, each protects a separate network.
Each physical Security Gateway has interfaces to the perimeter router and to the network it protects.
|
Item |
Description |
|---|---|
|
1 |
Internet |
|
2 |
Router |
|
3 |
Security Gateways |
|
4 |
Network |
Example VSX Virtual Network Topology
Deploy one VSX Gateway with four Virtual Systems to protect multiple networks.
|
Item |
Description |
|---|---|
|
1 |
Internet |
|
2 |
Router |
|
3 |
VSX Gateway. Each Virtual System in a VSX environment is a Security Gateway, with the same security and networking functionality as a physical gateway. Each handles packet traffic to and from the one network it protects. |
|
4 |
Warp Links. Virtual interfaces and network cables connect the Virtual Systems and the Virtual Switch. |
|
5 |
Virtual Switch. Connects all the Virtual Systems to the Internet router. |
|
6 |
Networks |