Specifications
38 VM-Series Deployment Guide
Secure North-South Traffic with the VM-Series Firewall Set Up a VM-Series Firewall on the Citrix SDX Server
Go back to Secure North-South Traffic with the VM-Series Firewall, or see Secure East-West Traffic with the
VM-Series Firewall.
For an overview of the deployments, see Supported Deployments—VM Series Firewall on Citrix SDX.
Deploy the VM-Series Firewall Before the NetScaler VPX
The following example shows how to deploy the VM-Series firewall to process and secure traffic before it
reaches the NetScaler VPX. In this example, the VM-Series firewall is deployed with virtual wire interfaces, and
the client connection requests are destined to the VIP on the NetScaler VPX. Note that you can deploy the
VM-Series firewall using L2 or L3 interfaces, based on your specific needs.
Step 4 Create a basic policy rule to allow traffic
through the firewall.
This example shows how to enable traffic
between the NetScaler VPX and the web
servers.
1. Select
Policies > Security, and click Add.
2. Give the rule a descriptive name in the
General tab.
3. In the
Source tab, set the Source Zone to the client-side zone
you defined. In this example, select client.
4. In the
Destination tab, set the Destination Zone to the
server-side zone you defined. In this example, select server.
5. In the
Application tab, click Add to select the applications to
which you want to allow access.
6. In the
Actions tab, complete these tasks:
a. Set the
Action Setting to Allow.
b. Attach the default profiles for antivirus, anti-spyware,
vulnerability protection and URL filtering, under
Profile
Setting
.
7. Verify that logging is enabled at the end of a session under
Options. Only traffic that matches a security rule will be logged.
Set up the VM-Series Firewall to Process North-South Traffic Using L2 or Virtual Wire Interfaces (Continued)