The Barracuda NextGen Control Center for Microsoft Azure is available as a Bring Your Own License (BYOL) image from the Azure Marketplace or as a VHD from the Barracuda Download Portal. Two models are available: The VCC610 support two ranges and unlimited clusters, the VCC400 one range and one cluster. The Control Center can manage both on-premise hardware and virtual units, as well as F-Series Firewalls in the public cloud. It is not possible to use the Azure Control Center in a high availability cluster.
Before you Begin
- Purchase a NextGen Control Center for Microsoft Azure license.
- Deploy the NextGen Control Center for Microsoft Azure image. For more information, see Microsoft Azure Deployment.
- Make sure the Control Center is license is installed and activated on the box layer. For more information, see How to Activate and License a Stand-alone Virtual or Public Cloud F-Series Firewall or Control Center.
Step 1. Set a static IP address for the Control Center VM
You must reserve the internal IP address of your Control Center VM because managed F-Series Firewalls expect the IP address of the Control Center to be static. For deployments using Azure Service Manager, see Reserved, Static and Public IP Addresses in the Azure Cloud using ASM.
Step 2. Export the base license on box layer
- Log into the box layer of the Control Center.
- Open the CONFIGURATION > Configuration Tree > Box > Box Licenses page.
- Click Lock.
- In the Licenses table, select the Base License and click Im/ Export and select Export to clipboard or Export to File.
Step 3. Configure CC identification settings
The CC Identification settings are required to secure communication between the Control Center and the F-Series Firewalls it manages.
- Log into the Control Center.
- Click Trust.
- Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > CC Identity. The This Connection is Untrusted popup opens.
- Click No.
- Click Lock.
- In the CC Identification section, click Import and select Import from Clipboard or Import from File to import the base license exported in step 3.
- In the Organization field, enter your organization name.
- In the left menu, click Trust Chain.
- Define the keys and certificates required for secure communication between the Control Center and the F-Series Firewalls that it will manage:
- CC Private Key – Click New Key and specify the key length.
- CC Certificate – Click Edit and specify the certificate settings.
- CC SSH Key – Click New Key and specify the key length.
Step 4. (optional) Complete the auto activation form
To automatically activate managed F-Series Firewall licenses, you must enter the data for the auto-activation form once.
- Log into the Control Center.
- Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > CC Parameters.
- In the left menu, select Activation Template.
- Click Lock.
- Enter the Owner and Purchase Information.
- Click Send Changes and Activate.
Next steps
Continue with the steps below to set up the Control Center in Microsoft Azure according to your needs.
Link | |
---|---|
Create Admins | Control Center Admins |
Configure Central Management | |
Add Managed F-Series Firewalls | |
License Managed F-Series Firewalls | |
Revision Control System (RCS) | Revision Control System (RCS) |
Modify Azure Route tables for VIP network | Azure Networking |