Data Center Firewalls Flashcards
What are the two types of firewalls in NSX-T Data Center?
The two types of firewalls in NSX-T Data Center are gateway firewall and distributed firewall.
What is the purpose of the gateway firewall?
The gateway firewall is used at the perimeter of the data center to protect traffic to and from physical environments, also known as North-South traffic.
What are the features of the gateway firewall?
The gateway firewall applies to Tier-0 and Tier-1 gateways, requires the deployment of an NSX Edge cluster, and supports both stateless and stateful firewall rules.
What is the purpose of the distributed firewall?
The distributed firewall protects traffic between virtual machines and containers within the data center, also known as East-West or lateral traffic.
What are the features of the distributed firewall?
The distributed firewall is a distributed solution that runs on each transport node, is applied to the virtual machine vNIC, and supports layer 2, layer 3, and context-aware (layer 7) firewall rules. It also supports Identity Firewall for Windows systems.
How are firewall rules processed?
Firewall rules are processed top to bottom: each packet is checked against the rules in order, starting with the first rule in the policy. The first rule that matches the traffic parameters is applied, and subsequent rules are not evaluated.