cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michal Rodzos" <michal.rod...@cloudcentral.com.au>
Subject Replacing Virtual Router with a custom virtual appliance template
Date Sun, 01 Dec 2013 03:09:02 GMT
Is it possible to create a network offering, which would use a custom
virtual appliance instead of the default Debian template?


My understanding is currently only following network providers are
supported/available in ACS:

-          Citrix NetScaler

-          F5

-          Juniper SRX

-          Virtual Router

-          Cisco ASA 100v (Citrix CloudPlatform only?)

 

I've found a wiki page
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Palo+Alto+Firewall+In
tegration# that somebody managed to integrate the Palo Alto Firewall into
ACS. Plus some other people managed to get the midokura or Nicira to work ?

So it seems that  custom network providers are feasible.


I'd like to provide a premium network offering with a commercial security
gateway/UTM virtual appliance as a network provider. Ie the FortiGate UTM
provides VPN, NAT, DNS, DHCP, routing and other network features similar to
Virtual Router, but also offers security features like anitispam, virus
scanning, deep packet inspection, IPS etc. So the question is how hard is,
and how much dev effort is required?


Other option is to create a network like this
Internet -> ACS VR-> FortiGate TM VM ->  customer VMs
But not sure how can force all the public traffic from the VMs to go via the
FortiGate? 


The environment is XenServer 6.2 and ACS 4.2.1 with Advanced Networking

Thanks,
Michal

 

Regards,
Michal Rodzos
Solutions Architect

 
<http://www.cloudcentral.com.au/?utm_source=michal&utm_medium=email&utm_camp
aign=cloudcentral> CloudCentral - Secure Australian Cloud
Phone: 1300 144 007 | Mobile: +61 421 834 204
 <http://www.linkedin.com/in/michalrodzos> View Michal Rodzos' profile on
LinkedIn| Skype: michal.rodzos |  <https://twitter.com/cloudcentral> Twitter

 


Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message