Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

BloxOne Service Edge is deployed as a service on your on-prem hosts. To run BloxOne Service Edge services, set up or designate one or more on-prem hosts. Depending on your license entitlement, to deploy BloxOne Service Edge, enable the following services on the designated on-prem hosts:

  • BloxOne Service Edge Firewall: A service to deploy firewall and related rules.
  • BloxOne Service Edge Router: A service to deploy routing and related rules.

For information about license entitlements, see BloxOne Service Edge

To successfully deploy BloxOne Service Edge, define security rules, group them into policies based on your business requirements, apply these security policies to the edge profiles, and associate the profiles with the edges. You can define rules and policies for firewalls, NATs (Network Access Translations), port forwarding, routing, and routing protocols. 

When creating comprehensive security rules, you have the flexibility to add networks, services, and identities you want to be included in your BloxOne Service Edge infrastructure. You can organize these entities into meaningful categories by creating object groups. For example, create an address object group that consists of all IP addresses at a specific branch office in the UK. Once you have identified the objects and created object groups, add them to the security rules. You can create an address object that includes users who are allowed to access certain content on the internet; for users who are not authorized to view the same content, create another address object. You then include these address objects in the security rules and assign the PERMIT and DENY actions for each object. After setting up the security rules, organize the rules into policies, so you can mix and match rules in applicable policies according to your business requirements. To complete the deployment, create edge profiles that include security policies and apply them to the edges you have created. You can also create edge groups to further structure and define your edge infrastructure. For information about some use cases, see Configuration Examples.

The following illustration describes the high-level steps you take to successfully deploy BloxOne Service Edge.

To deploy BloxOne Service Edge:

  1. Deploy one or more on-prem hosts for BloxOne Service Edge. For more information, see Deploying On-Prem Hosts for Service Edge.
  2. Enable BloxOne Service Edge services on the on-prem hosts. For more information, see Enabling and Disabling Services on On-Prem Hosts.
  3. Define security rules for BloxOne Service Edge. For more information, see Configuring Policies.
  4. Create policies by grouping security rules according to your business needs. For more information, see Configuring Policies.
  5. Create profiles by adding security rules and policies, so you can apply them to your edges. For more information, see Configuring Edge Profiles.
  6. Associate profiles with one or more edges or edge groups. For more information, see Configuring Edges and Configuring Edge Groups.
  7. Optionally, define objects and object groups (such as networks, services, and identities) you want to include in the Service Edge infrastructure. You can also create custom objects and object groups. For more information, see Configuring Groups.
  8. Optionally, configure site-to-site VPN for your edges. For more information, see Configuring Edge Connectivity.
  • No labels