Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Before You Deploy vSRX in VMware NSX Environment

 

Before you begin deploying the vSRX Virtual Services Gateway as an advanced security service in VMware NSX:

  • Download the .ovf file of the vSRX software image from Juniper Networks website and save it to the Policy Enforcer. The vSRX OVF URL automatically appears in the Register Security Service page of the Security Director when you register the vSRX virtual machine (VM) as a Juniper security service on the NSX Manager.

  • Obtain the Juniper SDSN for NSX license key (see Juniper SDSN for VMware NSX Licensing).

  • Install two or more VMware ESXi hosts. See the VMware documentation for details.

  • Install the VMware vCenter Server on a Windows VM or physical server, or deploy the VMware vCenter Server Appliance. Connect to the vCenter Server from the vSphere Web Client. See the VMware documentation for details.

  • Create a vSphere distributed switch (VDS) in the vSphere environment, add each ESXi host to a common VDS, and then configure the ESXi hosts in a vSphere cluster. For each host cluster that will participate in NSX, all hosts within the cluster must be attached to a common VDS. See the VMware documentation for details.

  • Deploy VMs on each ESXi host by using the vSphere Web Client. See the VMware documentation for details.

  • Install the VMware NSX Manager in your vCenter Server environment by using the vSphere Web Client. The NSX Manager is the centralized network management component of NSX, and is installed as a virtual appliance on any ESXi host in your vCenter Server environment. It provides an aggregated system view. See the VMware documentation for details.

    Note

    Ensure that NSX Manager is configured in single vCenter Mode and not in multiple vCenter mode. See the VMware documentation for details.

    Note

    Juniper Networks devices require a license to activate the feature. To understand more about VMWare NSX Licensing, see, Licenses for Network Management. Please refer to the Licensing Guide for general information about License Management.

Table 1 lists the system software requirement specifications for the components of a vSRX, Security Director, and VMware NSX integration.

Table 1: System Software Specifications for vSRX in VMware NSX Environment

Component

Specification

VMware ESXi Server

6.0 Update 3 or later

VMware vCenter Server

6.3.1 or later

VMware NSX for vSphere

6.3.1 or later

Note: For sites that are running vSphere 6.5, vSphere 6.5a is the minimum supported version with NSX for vSphere 6.3.0.

VMware NSX Manager

6.3.1 or later

Linux Kernel

3.10.x or later

Junos Space Security Director

17.1 or later

Junos Space Policy Enforcer

17.1 or later

vSRX

Junos OS Release vSRX 15.1X49-D101 or later

Memory

4 GB

Disk space

16 GB (IDE or SCSI drives)

vCPUs

2 vCPUs

vNICs

A single vNIC for management traffic. Network traffic is forwarded to the vSRX over a Virtual Machine Communication Interface (VMCI) communication channel by the ESXi hypervisor.

Note: VMCI is not a network interface (NIC) but a VMWare-proprietary device for Host to Guest Communication.