Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Before You Deploy vSRX in VMware NSX-T Environment

Before you begin deploying the vSRX Virtual Services Gateway as an advanced security service in VMware NSX-T:

  • Download the .ovf file of the vSRX software image from Juniper Networks website and save it to the Policy Enforcer. The vSRX OVF URL automatically appears in the Register Security Service page of the Security Director when you register the vSRX virtual machine (VM) as a Juniper security service on the NSX-T Manager.

  • Obtain the Juniper SDSN for NSX license key (see Juniper Connected Security for VMware NSX Licensing).

  • Install the VMware vCenter Server on a Windows VM or physical server, or deploy the VMware vCenter Server Appliance. Connect to the vCenter Server from the vSphere Web Client. See the VMware documentation for details.

  • Install NSX-T Manager. NSX-T manager can be installed on ESXI or KVM servers. See the VMware documentation for details.

    Note:

    Juniper Networks devices require a license to activate the feature. To understand more about VMWare NSX Licensing, see, Licenses for Network Management. Please refer to the Licensing Guide for general information about License Management.

Table 1 lists the system software requirement specifications for the components of a vSRX, Security Director, and VMware NSX-T Manager.

Table 1: System Software Specifications for vSRX in VMware NSX Environment

Component

Specification

VMware ESXi Server

6.5 and 6.7

VMware vCenter Server

6.7 and 7.0

VMware NSX-T Manager

3.0

Junos Space Security Director

21.1 or later

Junos Space Policy Enforcer

21.1 or later

vSRX

Junos OS Release vSRX 3.0 21.1 or later

Memory

4 GB

Disk space

16 GB (IDE or SCSI drives)

vCPUs

2 vCPUs

vNICs

A single vNIC for management traffic. Network traffic is forwarded to the vSRX over a Virtual Machine Communication Interface (VMCI) communication channel by the ESXi hypervisor.

Note:

VMCI is not a network interface (NIC) but a VMWare-proprietary device for Host to Guest Communication.