Solved: FW - DfW - FW VM what the difference ? what avanta...

vmware3222 · ‎07-22-2016

Hi for all,

I'm confused

i can't see the avantages for NSX FW

what is the difference except that he is in the kernel

Thank you

RPolisuk · ‎07-25-2016

I am only using NSX firewall. So it is very much possible.

Richard

View solution in original post

RPolisuk · ‎07-24-2016

NSX has two kinds of firewalls - Distributed Firewall (DFW) and Edge Firewall. Both serve different purposes. The Edge firewall is the firewall you use in the "North/South" case to protect your network from external connections. I am using it as an Internet firewall. The Distributed Firewall protects the actual VM which is more for "East/West" protection. I will be using it to only allow Internet VPN users access to a group of VMs. It can be used to only allow or prevent ports directly to the VM. You are correct that the DFW is in the kernel of the ESX node whereas the Edge Firewall runs as a VM.

I hope this helps a little. I would be happy to answer to the best of my knowledge any other questions you may have.

Richard

vmware3222 · ‎07-24-2016

Thank you very much Richard

yes i have another question .

is it possible to use only nsx FW or a physical FW is necessary ?

RPolisuk · ‎07-25-2016

I am only using NSX firewall. So it is very much possible.

Richard

vmware3222 · ‎07-25-2016

Thank you Richard

All

FW - DfW - FW VM what the difference ? what avantages for NSX FW