Application Scenarios for Virtual System
This section describes the application scenarios of virtual systems.
Virtual systems apply to the following scenarios:
Network Isolation for Large and Medium-sized Enterprises
Networks of large and medium-sized enterprises are usually geographically dispersed, with a large number of devices and complex configurations. Departments of enterprises have different security requirements. Meeting such security requirements on large and medium-sized networks involve complex firewall configurations, which are prone to errors. In contrast, the firewall virtualization technology allows you to divide a network into multiple smaller subnets and configure a virtual system for each subnet, making network boundaries clearer and network management easier.
As shown in Figure 1, virtual systems are created on the FW for the R&D, financial, and administrative departments of an enterprise. The administrators of each department have clearly defined permissions, and the departments can communicate based on the policies. The departments can also have different Internet access permissions.
Security Gateway for Cloud Computing Centers
Cloud computing provides computing and storage capabilities over the Internet. To ensure reliable cloud-based services, traffic of different customers must be isolated, protected, and served by necessary resources. With virtual system technology, you can deploy a FW at the egress of a cloud computing center and create a virtual system for each customer to isolate and protect the traffic of different customers.
As shown in Figure 2, enterprises A and B have servers at the cloud computing center. The FW functions as the security gateway at the egress of the cloud computing center. It isolates the traffic of different enterprises and protects the cloud computing center based on the configured security policies.
