Virtual network functions (VNFs) are individual network services, such as routers and firewalls, running as software-only virtual machine (VM) instances on generic hardware. For example, a routing VNF implements all the functions of a router but runs in a software-only form, alone or along with other VNFs, on generic hardware. VNFs are administered and orchestrated within the NFV architecture.
The virtualization of both NFV and VNF denotes that network functions are implemented in a generalized manner independent of the underlying hardware. VNFs can run in any VM environment in the branch office, cloud, or data center. This architecture allows you to:
- Insert network services in an optimal location to provide appropriate security. For example, insert a VNF firewall in an Internet-connected branch office rather than incur the inefficiency of an MPLS link to hairpin traffic through a distant data center to be firewalled.
- Optimize application performance. Traffic can follow the most direct route between the user and the cloud application using a VNF for security or traffic prioritization. In a VM environment, several VNFs may run simultaneously, isolated from each other, and can be independently changed or upgraded.
The following tables list the third-party firewalls supported by VMware along with the support matrix:
VMware SD-WAN Edge Platform | Edge 520v | Edge 840 | Edge 620 | Edge 640 | Edge 680 |
---|---|---|---|---|---|
Recommended VM Series Firewall Models | VM-50 Lite | VM-100 | VM-50 Lite | VM-100 | VM-100 |
Number of vCPUs available for VM-Series Firewall | 2 | 2 | 2 | 2 | 2 |
Memory available for VNF | 4.5 GB | 6.5 GB | 4.5 GB | 6.5 GB | 6.5 GB |
Storage space available on Edge for VNF | 64 GB | 120 GB | 64 GB | 120 GB | 120 GB |
VMware software version | Release 3.2.0 or later | Release 3.2.0 or later | Release 3.4.3 or later | Release 3.4.3 or later | Release 3.4.3 or later |
Panorama version | Release 8.0.5 or later | Release 8.0.5 or later | Release 8.0.5 or later | Release 8.0.5 or later | Release 8.0.5 or later |
VMware SD-WAN Edge Platform | Edge 520v | Edge 840 | Edge 620 | Edge 640 | Edge 680 |
---|---|---|---|---|---|
Memory available for VNF | 2 GB | 4 GB | 2 GB | 4 GB | 4 GB |
Number of vCPUs available for VNF | 2 | 2 | 2 | 2 | 2 |
Storage available on Edge for VNF | 64 GB | 100 GB | 120 GB | 120 GB | 120 GB |
Maximum Throughput of SD-WAN and Checkpoint VNF | 100 Mbps | 550 Mbps | 100 Mbps | 350 Mbps | 500 Mbps |
VMware software version | Release 3.3.2 or later | Release 3.3.2 or later | Release 3.4.3 or later | Release 3.4.3 or later | Release 3.4.3 or later |
Checkpoint VNF OS version | Release R77.20 or later | Release R77.20 or later | Release R77.20 or later | Release R77.20 or later | Release R77.20 or later |
Checkpoint manager software version | Release 80.30 or later | Release 80.30 or later | Release 80.30 or later | Release 80.30 or later | Release 80.30 or later |
VMware SD-WAN Edge Platform | Edge 520v | Edge 840 | Edge 620 | Edge 640 | Edge 680 |
---|---|---|---|---|---|
Recommended VM Series Firewall Models | VM00, VM01, VM01v | VM00, VM01, VM01v, VM02, VM02v | VM00, VM01, VM01v | VM00, VM01, VM01v, VM02, VM02v | VM00, VM01, VM01v, VM02, VM02v |
Memory available for VNF | 2 GB | 4 GB | 2 GB | 4 GB | 4 GB |
Number of vCPUs available for VNF | 2 | 2 | 2 | 2 | 2 |
Storage available on Edge for VNF | 64 GB | 100 GB | 64 GB | 100 GB | 100 GB |
Maximum Throughput of SD-WAN and FortiGate VNF | 100 Mbps | 500 Mbps | 100 Mbps | 500 Mbps | 500 Mbps |
VMware software version | Release 3.3.1 or later | Release 3.3.1 or later | Release 4.0.0 or later | Release 4.0.0 or later | Release 4.0.0 or later |
FortiOS version | Release 6.0 and 6.2.0 Starting from VMware release 4.0.0, FortiOS version 6.4.0 and 6.2.4 are supported. |
Release 6.0 and 6.2.0 Starting from VMware release 4.0.0, FortiOS version 6.4.0 and 6.2.4 are supported. |
Release 6.4.0 and 6.2.4 | Release 6.4.0 and 6.2.4 | Release 6.4.0 and 6.2.4 |
You can deploy and forward traffic through VNF on an SD-WAN Edge.