Manualshelf

Installation guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED
101102103104105106107108109110
101
Installing the Engine on a Virtualization Platform
Installing the Engine on a Virtualization Platform
The IPS or Layer 2 Firewall engine can be installed on virtualization platforms that support the
deployment of Open Virtual Format (OVF) templates. The same NGFW software can be used in
the Firewall/VPN role, IPS role, or Layer 2 Firewall role. The engine role is selected during the
initial configuration of the engine. The following role-specific requirements and limitations apply
when the engine is installed on a virtualization platform:
To install the engine on a virtualization platform
1. Install the McAfee Security Management Center as instructed in the McAfee SMC
Installation Guide.
2. (Recommended) Create the resource pool where you will import the virtual appliance
package and configure it according to your requirements.
3. Configure the virtual switches to which the IPS or Layer 2 Firewall Inline Interfaces will be
connected:
Create a new port group and assign All (4095) as the VLAN ID.
Enable the use of promiscuous mode.
4. Download the license at https://my.stonesoft.com/managelicense.do.
5. Download the virtual appliance package at https://my.stonesoft.com/download.do.
The McAfee NGFW virtual appliance package consists of two files: a compressed disk
image file and an OVF file.
The OVF file specifies how the virtualization platform creates the appliance and connects
it in the virtualized environment.
6. Extract the files from the virtual appliance package.
7. Deploy the OVF template according to the deployment procedure for your virtualization
platform.
For detailed configuration instructions, see the product documentation for your
virtualization platform.
8. Map the networks defined in the OVF template to the networks in your virtualized
environment.
Table 11.1 Role-Specific Requirements and Limitations
Role Virtual Network Interface Requirements Limitations for Clusters
IPS A minimum of three virtual network interfaces. Clustering is not supported.
Layer 2 Firewall A minimum of three virtual network interfaces. Clustering is not supported.
What’s Next?
Continue by Configuring the Engine in the Engine Configuration Wizard (page 103).