Enabling the Distributed Cloud Firewall Feature
|
If you see a message on the Distributed Cloud Firewall page (Security > Distributed Cloud Firewall) that you require the Aviatrix Universal Subscription, in the cloud marketplace you must subscribe to and accept terms for the correct Aviatrix subscription. For more information on subscribing, see Aviatrix Licensing. Take note of your Customer ID (license) for this offer. If there is no pre-existing customer ID (you are a new user), you entered this customer ID when logging on to CoPilot. You do not need to reset the Customer ID on the License tab before enabling the feature. If you have already subscribed to the Aviatrix Universal Subscription license, you do not need to subscribe again. You can just enable the feature from Configuration > Settings > License in CoPilot. |
|
If you configured the ThreatIQ and/or Geoblocking features prior to Controller version 7.2.4820, in 7.2.4820 you automatically receive a free Distributed Cloud Firewall (DCF) license. If you did not configure the ThreatIQ and/or Geoblocking features prior to Controller version 7.2.4820, you are expected to purchase a DCF license. This will include the ExternalGroup feature. |
To enable the DCF feature:
-
In CoPilot, go to Security > Distributed Cloud Firewall > Rules.
-
Click Enable Distributed Cloud Firewall.
-
Click Begin Using Distributed Firewall.
-
On the Distributed Cloud Firewall message that displays, click Begin.
The Rules tab now displays the default rules, and you can start using DCF.
| If desired, you can enable DCF from the Add-on Features area under Settings > Configuration > License, and then go to the Security > Distributed Cloud Firewall > Rules tab to begin using DCF. |
DCF-Related Features
Assuming that the Distributed Cloud Firewall add-on feature is enabled, you can enable Enforcement on PSF Gateways and/or Enforcement on External Connections from the Feature Previews list if desired. You cannot enable these preview features if DCF is not enabled.