Tenant Systems Overview
A tenant system logically partitions the physical firewall into separate and isolated logical firewall. Although similar to logical systems, tenant systems have much higher scalability and fewer routing features. Each tenant system on a device allows you to control a discrete administrative domain for security services. By transforming your device into a multitenant system, you can provide various departments, organizations, customers, and partners—depending on your environment—private and logically separated use of system resources and tenant-specific views of security configuration. A primary administrator creates and manages all the tenant systems.
To distribute security resources across tenant systems, you can create security profiles that specify the type and amount of resources to be allocated to a tenant system. After creating security profiles, you can bind them to tenant systems. The tenant systems are defined largely by the resources allocated to them, including security components, interfaces, routing instances, static routes, and dynamic routing protocols. You cannot create a tenant system without assigning a security profile to it. You can configure a single security profile to assign resources to a specific tenant system or use the same security profile for more than one tenant system.
For detailed information about understanding tenant systems, see Logical Systems and Tenant Systems User Guide for Security Devices.