Installation guide

68
Chapter 8 Configuring Master Engines and Virtual Layer 2 Firewalls
Configuration Overview
Virtual Layer 2 Firewalls are logically separate Virtual Security Engines that run as virtual engine
instances on a physical engine device. A Master Engine is a physical engine device that provides
resources for Virtual Security Engines. One physical Master Engine can support multiple Virtual
Layer 2 Firewalls.
Each Master Engine can support one Virtual Security Engine role (Firewall/VPN, IPS, or Layer 2
Firewall). To use more than one Virtual Security Engine role, you must create a separate Master
Engine for each Virtual Security Engine role. Each Master Engine must be on a separate physical
Master Engine device.
The tasks you must complete are as follows:
1. Add a Master Engine element. See Adding a Master Engine Element (page 69).
2. Add a Virtual Resource element. See Adding a Virtual Resource Element (page 70).
3. Define Physical Interfaces and optionally VLAN Interfaces for the Master Engine, and
assign Virtual Resources to the interfaces. See Adding Physical Interfaces for Master
Engines (page 71) and Adding VLAN Interfaces for Master Engines (page 74).
4. Add a Virtual Layer 2 Firewall element. See Adding a Virtual Layer 2 Firewall Element
(page 78).
5. Configure Physical Interfaces and optionally VLAN Interfaces for the Virtual Layer 2
Firewall. See Configuring Physical Interfaces for Virtual Layer 2 Firewalls (page 79) and
Adding VLAN Interfaces for Virtual Layer 2 Firewalls (page 80).
6. Bind Management Server POL-bound licenses to specific nodes in the Master Engine. See
Binding Engine Licenses to Correct Elements (page 81).