Using the OVA Bundled Method to Integrate the vGW Series with the VMware Infrastructure

This topic explains how to integrate the vGW Series appliances–the vGW Security Design VM and the vGW Security VM–with the VMware virtualized infrastructure.

This topic includes the following sections:

Prerequisites

See Understanding vGW Series Prerequisites and Resource Requirements.

Overview

The bundled OVA template allows you to deploy both the vGW Security Design VM and the vGW Security VM in a single OVA archive file. In this case, OVA creates a single vApp and inserts the two vGW Series appliances into it.

You can delete the vApp after the deployment and integration process is complete. It is used only to convey the vGW Series VMs. However, be careful not to delete it before then.

In the single Combo Package file, the OVA template deploys:

The OVA Combo Package installs a vApp, and VMware will not install a vApp on a cluster for which DNS is not enabled. In this case, you must use the non-bundled OVA method to deploy each component separately.

Downloading the vGW Series OVA Combo Package

Step-by-Step Procedure

This procedure explains how to download the OVA combination package containing the vGW Series appliances from the Juniper Networks download site.

To download the Juniper Networks OVA archive file that contains both the vGW Security Design VM and the vGW Security VM:

  1. Navigate to the Juniper Networks Support page.
  2. Select Download Software from the Support box in the left column.
  3. Select vGW (Altor) in the Security pane.
  4. Select the Software tab.
  5. Click vGW Series 5.0 Combo Package, and log in to the site to download the file.

Integrating the vGW Series with the VMware Infrastructure

Step-by-Step Procedure

To deploy the vGW Series appliances—the vGW Security Design VM and the vGW Security VM—and integrate them with the VMware infrastructure:

  1. Using the vSphere 4.x client, load the bundled OVA file. Select Deploy OVF Template from the File menu. See Figure 1.

    Figure 1: Loading the OVA File

     Loading the OVA File
  2. Enter the download filename or its URL in the Deploy from file or URL box—for example, enter: c:\temp\vGW_Combo_5.0_#-#-#_#-#-#.ova—and click Next.

    You use the OVF template method to deploy the OVA file. After you specify the name of the OVA file and its location, the Appliance Wizard displays the OVA template details page. See Figure 2.

    Figure 2: OVA File Name Specification

    OVA File Name Specification
  3. Verify the contents of the OVA package, and click Next.

    Before the wizard unbundles the OVA package, verify that it contains the vGW Series appliances. The OVA template summary also specifies the disk space requirements for thick and thin provisioning. See Figure 3.

    Figure 3: OVA Template Details Page

    OVA Template Details Page
  4. Accept the vGW Series license agreement, and click Next. See Figure 4.

    Figure 4: OVA File Deployment License Agreement

    OVA File Deployment License Agreement
  5. Specify a name for the vApp that will be created and a storage location. This example uses “Juniper vGW Kevin.”
  6. Specify the host or cluster to run the deployed template on. See Figure 5.

    Figure 5: Specifying the Host for the Deployed OVA Template

    Specifying the Host for the Deployed
OVA Template
  7. Select the disk format. Accept the thick provisioned format default.

    Thick provisioning preallocates all required space for the product. See Figure 6.

    Figure 6: Specifying the Disk Format

     Specifying the Disk Format
  8. Map the networks. Set the vGW management network to a destination network that is accessible to vCenter and the vGW Security Design VM. See Figure 7.

    Figure 7: Mapping the vGW VMsafe and vGW Management Networks

    Mapping the vGW VMsafe and vGW
Management Networks
  9. Specify the size of the database to use for storing vGW Series files.

    The database stores network connection records and firewall logs. We recommend that you use a network storage device (NAS) so that it can be migrated through vMotion for space optimization. See Figure 8.

    Figure 8: Specifying the Database Disk Size

    Specifying the Database Disk Size

    The default disk size is 8.0 GB. In a typical environment that includes 5 to 10 ESX/ESXi hosts, a database of this size can accommodate data accumulated over several months. However, for your environment you might want to deploy a database that is larger than 8.0 GB.

    You can increase the database size later if you find that the current space is not adequate. Although there is no hard-coded limit, we recommend restricting the size to less than 75 GB.

    This disk should not be thin-provisioned.

    Note: Do not use a read-only data store.

  10. Verify that the configuration is correct, and click Finish to complete the deployment. See Figure 9.

    Figure 9: Verifying That the Configuration Is Correct

     Verifying That the Configuration Is Correct

    The Virtual Appliance Wizard downloads the files and inserts the vGW Series VMs as a single virtual appliance (vApp) into the VMware infrastructure.

    When the OVA import is completed, the vCenter contains a vApp called “Juniper vGW Kevin.” This vApp contains both the vGW Security Design VM and the vGW Security VM template components.

  11. Expand the appliance called “Juniper vGW Kevin” to display the vGW Security Design VM and the vGW Security VM. See Figure 10.

    Figure 10: Displaying the vGW Appliances

    Displaying the vGW Appliances

    After you remove the two vGW Series VMs from it, you can delete the vApp. (It is not a requirement to delete the vApp.)

    Note: Do not delete the vApp without first having removed the vGW Series VMs. If you do, the newly created vGW Series VMs will be deleted.

    After you remove the vGW Series VMs from the vApp:

    • Convert the vGW-SVM-Template VM to a template that the vGW Security Design VM and installer can use to instantiate a vGW Security VM for each ESX/ESXi host to be secured. Right-click the template, and select Convert to Template.
    • Right-click the vGW Security Design VM and power it on.

Related Documentation