Mcafee NGFW Firewall driver

Overview
Mcafee NGFW Fwaas driver worked with NGFW L3 plugin to provide the firewall as a service function in openstack. It implement the create/delete/update_firewall operations from l3 agents by translate the rules of openstack firewall into the policy of SMC server. Firewall would work once the SMC server get the policy and upload it to sg-engine VM.



Configuration
1. Refer to link for L3 plugin configuration. https://wiki.openstack.org/wiki/Mcafee_NGFW_L3_Plugin

2. make sure fwaas_plugin added into /etc/neutron/neutron.conf service_plugins = neutron.services.firewall.fwaas_plugin.FirewallPlugin

3. specify NGFW fwaas_driver and edit related key items in /etc/neutron/fwaas_driver.ini to match your environment [fwaas] driver = neutron_fwaas.services.firewall.drivers.mcafee.ngfw_fwaas.NgfwFwaasDriver enabled = True [ngfw] # URL of SMC server smc_url = http://10.20.5.54:8082 # verion of API smc_api_version=5.7 # authenticate key for API call smc_api_auth_key = "vGEv9qAoYCbTwhonV8Bi0002"