...

Introduction to firewalls

The platform provides a unified interface to firewalls in varied cloud environments. 

This section describes firewall policies, which are similar to security groups. The platform supports firewall policies in private cloud with network managers (NSX, NSX-T) and in public cloud.

Abiquo firewall policies represent:

  • AWS security groups

  • Azure firewall policies

  • GCP firewall rules

  • OCI network security groups

For more details, please see the public cloud features table for each provider.

In vCloud Director, the platform also supports classic firewalls, which are Edge firewalls at the level of the public cloud region (orgVDC). See Manage classic firewalls.

...

Synchronize firewall policies with the cloud provider

The synchronization process onboards firewalls and updates the platform's information about firewalls that already exist in the cloud provider. The platform synchronizes automatically when you onboard virtual resources from public cloud. Depending on the provider, the platform may support synchronization at the level of the location (public cloud region) or virtual datacenter.

To synchronize firewalls, do these steps:

  1. In the myCloud view go to Virtual datacenters, or Locations, or for Google Cloud Platform select the Global view

  2. Go to Network → Firewalls

  3. Click the double-arrow synchronize button 

To synchronize a firewall in AWS before you add new firewall rules:

  1. Select the firewall and click the double-arrow synchronize button

...

Create a firewall policy

The platform can create firewall policies in virtual datacenters in the provider, or in the platform only, for later use in providers, depending on provider support.

Privileges: Manage firewall

To create a new firewall, do these steps:

  1. Go to Virtual datacenters → Network → Firewalls

    1. For GCP go to Global → Network → Firewalls

  2. Click the Add button

  3. Enter the firewall details

    1. In GCP, if you assign a firewall to a Virtual datacenter, you can then use it as a default firewall

    2. In VCD, if you do not select a Virtual datacenter, the platform will create the firewall in the platform only, not in the provider

  4. Click Save to create the firewall

  5. Add firewall rules as described in Create firewall rules.

...

Add tags to a firewall policy

When you edit a firewall, you can add tags to group resources. You can then go to Control view to manage tagged resources.

To manage tags for a firewall, edit the firewall, go to Tags, and add tags.

For more details, see Edit resource tags

...

Move a firewall policy to another virtual datacenter

...

Display firewall policies

You can display and manage firewalls in the platform at the level of the virtual datacenter or the location (public cloud region or datacenter).

To display firewalls in a virtual datacenter in a provider:

  1. Go to Virtual datacenters → select a virtual datacenter → Network → Firewalls

To display all firewalls in Google Cloud Platform:

  1. Go to myCloud → Global view → select the GCP provider → Networks → Firewalls

To display all firewalls in a location (public cloud region or datacenter):

  1. Go to Cloud virtual datacenters view → Locations

  2. Select a location

  3. Go to Network → Firewalls

    Firewalls that do not exist in the provider are grayed out, and you should delete these firewalls.

Tip

To filter firewalls, enter text in the Search box to search by the Name, Description, and Provider ID in the Firewalls list.

To display firewalls in an Azure Resource Group:

  1. Go to Cloud virtual datacenters view

  2. Go to Global → Azure → Resource Groups → select a resource group

  3. To display the details of the firewall, edit the firewall

...