H3c-technologies H3C SecPath F5020 Instrukcja Użytkownika Pobierz pdf (Strona 72)

• Manage the entire physical firewall.

• Create and delete non-default contexts (for example, Context 1, Context 2, and Context 3 in Figure

22).

• Assign resources to non-default contexts. These resources include CPU resources, disk spaces,

memory spaces, interfaces, and VLANs.

On a non-default context, you cannot create another non-default context. Administrators of non-default

contexts can only manage and maintain their own contexts.

A non-default context can use only the resources assigned to it. It cannot use the resources assigned to

other contexts or the remaining resources on the physical firewall. Resources that are not assigned to any

non-default context belong to the default context.

Feature and hardware compatibility

Hardware Context

com

atibilit

F5020/F5040 Yes

M9006/M9010/M9014 Yes

VFW1000 No

Context configuration task list

Tasks at a

lance

(Required.) Creating contexts

Assigning contexts to security engines:

• (Required.) Configuring security engine groups

• (Required.) Assigning a context to a security engine group

Assigning resources to a context:

• (Required.) Assigning CPU, disk, and memory resources to a context

• (Required.) Assigning interfaces to a context

• (Optional.) Assigning VLANs to a context

• (Optional.) Setting a throughput threshold

• (Optional.) Setting the maximum number of object policy rules

(Required.) Starting a context

(Required.) Accessing a context

Creating contexts

When you create a context, you can assign it the VLAN-unshared attribute as required.

• A context with the VLAN-unshared attribute has its own VLAN resources (VLAN 1 through VLAN

4094). It does not share VLAN resources with any other context. You log in to the context and use

the vlan command to create VLANs for the context.

1 2 ... 67 68 69 70 71 72 73 74 75 76 77 ... 81 82

Brak uwag

H3c-technologies H3C SecPath F5020 Instrukcja Użytkownika Strona 72