Specifications
VM-Series Deployment Guide 25
Set Up a VM-Series Firewall on the Citrix SDX Server System Requirements and Limitations
System Requirements and Limitations
This section lists requirements and limitations for the VM-Series firewall on the Citrix SDX server.
Requirements
You can deploy multiple instances of the VM-Series firewall on the Citrix SDX server. Because each instance of
the firewall requires a minimum resource allocation—number of CPUs, memory and disk space—on the SDX
server, make sure to conform to the specifications below to ensure optimal performance.
Limitations
The VM-Series firewall deployed on the Citrix SDX server has the following limitations:
Up to 24 total ports can be configured. One port will be used for management traffic and up to 23 can be
used for data traffic.
Jumbo frames are not supported.
Link aggregation is not supported.
For the supported deployments, see Supported Deployments—VM Series Firewall on Citrix SDX.
Requirement Detail
SDX platforms • 11500, 13500, 14500, 16500, 18500, 20500;
• 17550, 19550, 20550, 21550
SDX version 10.1+
10.1 is not supported; a software version higher then 10.1. is required.
Citrix XenServer version 6.0.2 or later
Minimum System Resources
Note Plan and allocate the total number of data
interfaces that you might require on the
VM-Series firewall. This task is essential
during initial deployment, because
adding or removing interfaces to the
VM-Series firewall after initial
deployment will cause the data interfaces
(Eth 1/1 and Eth 1/2) on the VM-Series
firewall to re-map to the adapters on the
SDX server. Each data interface
sequentially maps to the adapter with the
lowest numerical value, and this
remapping can cause a configuration
mismatch on the firewall.
• Two vCPUs per VM-Series firewall. One will be used for the for the
management plane and one for the dataplane. You can add vCPUs
in the following combinations: 2, 4, or 8 vCPUs; additional vCPUs
are assigned to the dataplane.
• Two network interfaces: one dedicated for management traffic and
one for data traffic. For management traffic, you can use the 0/x
interfaces on the management plane or the 10/x interfaces on the
dataplane. Assign additional network interfaces for data traffic, as
required for your network topology.
• 4GB of memory (5GB for VM-1000-HV). If you allocate additional
memory, it will be used by the management plane only.
• 40GB of virtual disk space. You can add additional disk space of
40GB(minimum) to 2TB (maximum). The additional disk space is
used for logging purposes only.