Virtual network functions (VNFs) are individual network services, such as routers and firewalls, running as software-only virtual machine (VM) instances on generic hardware. For example, a routing VNF implements all the functions of a router but runs in a software-only form, alone or along with other VNFs, on generic hardware. VNFs are administered and orchestrated within the NFV architecture.
The virtualization of both NFV and VNF denotes that network functions are implemented in a generalized manner independent of the underlying hardware. VNFs can run in any VM environment in the branch office, cloud, or data center. This architecture allows you to:
- Insert network services in an optimal location to provide appropriate security. For example, insert a VNF firewall in an Internet-connected branch office rather than incur the inefficiency of an MPLS link to hairpin traffic through a distant data center to be firewalled.
- Optimize application performance. Traffic can follow the most direct route between the user and the cloud application using a VNF for security or traffic prioritization. In a VM environment, several VNFs may run simultaneously, isolated from each other, and can be independently changed or upgraded.
The following tables list the third-party firewalls supported by VMware along with the support matrix when using Edge Release 4.2.0:
VMware SD-WAN Edge Platform | Edge 520v | Edge 620 | Edge 640 | Edge 680 | Edge 840 | Edge 2000 | Edge 3400 | Edge 3800 |
---|---|---|---|---|---|---|---|---|
Recommended VM Series Firewall Models | VM-50 Lite | VM-50 Lite | VM-100 | VM-100 | VM-100 | * | Not Supported on Release 4.2.0 | Not Supported on Release 4.2.0 |
Number of vCPUs Available for VM-Series Firewall | 2 | 2 | 2 | 2 | 2 | * | * | * |
Memory Available for VNF | 4.5 GB | 4.5 GB | 6.5 GB | 6.5 GB | 6.5 GB | * | * | * |
Storage Space Available on Edge for VNF | 64 GB | 64 GB | 120 GB | 120 GB | 120 GB | * | * | * |
Earliest Supported VMware Release | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Not supported on any release | Release 4.3.0 or later | Release 4.3.0 or later |
Panorama Version | Release 8.1.0 | Release 8.1.0 | Release 8.1.0 | Release 8.1.0 | Release 8.1.0 | * | * | * |
VMware SD-WAN Edge Platform | Edge 520v | Edge 620 | Edge 640 | Edge 680 | Edge 840 | Edge 2000 | Edge 3400 | Edge 3800 |
---|---|---|---|---|---|---|---|---|
Memory available for VNF | 2 GB | 2 GB | 4 GB | 4 GB | 4 GB | * | Not Supported on Release 4.2.0 | Not Supported on Release 4.2.0 |
Number of vCPUs available for VNF | 2 | 2 | 2 | 2 | 2 | * | * | * |
Storage Available on Edge for VNF | 64 GB | 120 GB | 120 GB | 120 GB | 100 GB | * | * | * |
Maximum Throughput of SD-WAN and Checkpoint VNF | 100 Mbps | 100 Mbps | 350 Mbps | 500 Mbps | 550 Mbps | * | * | * |
Earliest Supported VMware Release | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Not supported on any release | Release 4.3.0 or later | Release 4.3.0 or later |
Checkpoint VNF OS Version | Release R77.20.87, R80.20.5 | Release R77.20.87, R80.20.5 | Release R77.20.87, R80.20.5 | Release R77.20.87, R80.20.5 | Release R77.20.87, R80.20.5 | * | * | * |
Checkpoint Manager Software Version | Release R77.20, R80.20 | Release R77.20, R80.20 | Release R77.20, R80.20 | Release R77.20, R80.20 | Release R77.20, R80.20 | * | * | * |
VMware SD-WAN Edge Platform | Edge 520v | Edge 620 | Edge 640 | Edge 680 | Edge 840 | Edge 2000 | Edge 3400 | Edge 3800 |
---|---|---|---|---|---|---|---|---|
Recommended VM Series Firewall Models | VM00, VM01, VM01v | VM00, VM01, VM01v | VM00, VM01, VM01v, VM02, VM02v | VM00, VM01, VM01v, VM02, VM02v | VM00, VM01, VM01v, VM02, VM02v | * | Not Supported on Release 4.2.0 | Not Supported on Release 4.2.0 |
Memory Available for VNF | 2 GB | 2 GB | 4 GB | 4 GB | 4 GB | * | * | * |
Number of vCPUs Available for VNF | 2 | 2 | 2 | 2 | 2 | * | * | * |
Storage Available on Edge for VNF | 64 GB | 64 GB | 100 GB | 100 GB | 100 GB | * | * | * |
Maximum Throughput of SD-WAN and FortiGate VNF | 100 Mbps | 100 Mbps | 500 Mbps | 500 Mbps | 500 Mbps | * | * | * |
Earliest Supported VMware Release | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Release 4.2.0 or later | Not supported on any release | Release 4.3.0 or later | Release 4.3.0 or later |
FortiOS Version | Release 6.0.5, 6.2.0, 6.2.4, 6.4.0, 6.4.2, 6.4.9 |
Release 6.0.5, 6.2.0, 6.2.4, 6.4.0, 6.4.2, 6.4.9 |
Release 6.0.5, 6.2.0, 6.2.4, 6.4.0, 6.4.2, 6.4.9 |
Release 6.0.5, 6.2.0, 6.2.4, 6.4.0, 6.4.2, 6.4.9 |
Release 6.0.5, 6.2.0, 6.2.4, 6.4.0, 6.4.2, 6.4.9 |
* | * | * |
You can deploy and forward traffic through VNF on an SD-WAN Edge.