Enabling the Distributed Cloud Firewall Feature
|
If you see a message on the Distributed Cloud Firewall page (Security > Distributed Cloud Firewall) that you require the Aviatrix Universal Subscription, in the cloud marketplace you must subscribe to and accept terms for the correct Aviatrix subscription:
Take note of your Customer ID for this offer. If there is no pre-existing customer ID (you are a new user), you entered this customer ID when logging on to CoPilot. You do not need to reset the Customer ID on the License tab before enabling the feature. If you have already subscribed to the Aviatrix Universal Subscription license, you do not need to subscribe again. You can just enable the feature from Configuration > Settings > License in CoPilot. |
|
If you configured the ThreatIQ and/or Geoblocking features prior to Controller version 7.2.4820, in 7.2.4820 you automatically receive a free Distributed Cloud Firewall (DCF) license. If you did not configure the ThreatIQ and/or Geoblocking features prior to Controller version 7.2.4820, you are expected to purchase a DCF license. This will include the GeoGroup and ThreatGroup features. |
After subscribing to the license (if you are a new user), do the following to enable the Distributed Cloud Firewall feature:
-
In CoPilot, go to Settings > Configuration > License.
-
In the Add-on Features list, click Enable for the Distributed Cloud Firewall feature.
-
Assuming that the Distributed Cloud Firewall add-on feature is enabled, you can enable Enforcement on PSF Gateways and/or Enforcement on External Connections from the Feature Previews list if desired. You cannot enable these preview features if DCF is not enabled.
If for some reason you disable DCF, the following features are also disabled:
-
Enforcement on PSF Gateways
-
Enforcement on External Connections
-
WebGroups
-
GeoGroups <need to clarify the last two>
-
Default ThreatGroup
-