Mcafee NGFW Firewall driver
Overview
Mcafee NGFW Fwaas driver worked with NGFW L3 plugin to provide the firewall as a service function in openstack. It implement the create/delete/update_firewall operations from l3 agents by translate the rules from firewall db into the policy which SMC server could accept. Firewall would work once the SMC server get the policy and upload it to sg-engine.
Configuration
1. Refer to link xxxx for L3 plugin configuration.
https://wiki.openstack.org/wiki/Mcafee_NGFW_L3_Plugin
2. make sure fwaas_plugin added into /etc/neutron/neutron.conf
service_plugins = neutron.services.firewall.fwaas_plugin.FirewallPlugin
3. specify NGFW fwaas_driver and edit related key items in /etc/neutron/fwaas_driver.ini to match your environment
[fwaas] driver = neutron_fwaas.services.firewall.drivers.mcafee.ngfw_fwaas.NgfwFwaasDriver enabled = True [ngfw] # URL of SMC server smc_url = http://10.20.5.54:8082 # verion of API smc_api_version=5.7 # authenticate key for API call smc_api_auth_key = "vGEv9qAoYCbTwhonV8Bi0002"