GigaVUE V Series in Azure
Recommended Instance Type
Note: Additional instance types are also supported. Refer to Support, Sales, or Professional Services for deployment optimization.
|
Product |
Instance Type | vCPU | RAM |
|---|---|---|---|
|
GigaVUE V Series Node |
Standard_D4s_v4 |
4 vCPU |
16 GB |
| Standard_D8S_V4 |
8 vCPU |
32 GB |
|
|
GigaVUE V Series Proxy |
Standard_B1s |
1 vCPU |
1 GB |
|
G-vTAP Controller |
Standard_B1s |
1 vCPU |
1 GB |
Network Firewall Requirements for Azure
The following table lists the Network Firewall Requirements for GigaVUE V Series V Series 2 Node deployment.
|
Direction |
Type |
Protocol |
Port |
CIDR |
Purpose |
||||||||||||||||||
|
GigaVUE‑FM |
|||||||||||||||||||||||
|
Inbound |
|
TCP |
|
Administrator Subnet |
Management connection to GigaVUE‑FM |
||||||||||||||||||
|
Inbound |
Custom TCP Rule |
TCP |
5671 |
V Series 2 Node IP |
Allows GigaVUE V Series 2 Nodes to send traffic health updates to GigaVUE‑FM |
||||||||||||||||||
|
Outbound |
Custom TCP Rule |
TCP(6) |
9900 |
GigaVUE‑FM IP |
Allows G-vTAP Controller to communicate with GigaVUE‑FM |
||||||||||||||||||
|
Outbound (optional) |
Custom TCP Rule |
TCP |
8890 |
V Series Proxy IP |
Allows GigaVUE‑FM to communicate with V Series Proxy |
||||||||||||||||||
|
Outbound |
Custom TCP Rule |
TCP |
8889 |
V Series 2 Node IP |
Allows GigaVUE‑FM to communicate with GigaVUE V Series node |
||||||||||||||||||
|
G-vTAP Controller |
|||||||||||||||||||||||
|
Inbound |
Custom TCP Rule |
TCP(6) |
9900 |
GigaVUE‑FM IP |
Allows G-vTAP Controller to communicate with GigaVUE‑FM |
||||||||||||||||||
|
Inbound (This is the port used for Third Party Orchestration) |
Custom TCP Rule |
TCP(6) |
8891 |
G-vTAP Agent or Subnet IP |
Allows G-vTAP Controller to communicate the registration requests from G-vTAP Agent. |
||||||||||||||||||
|
Outbound (This is the port used for Third Party Orchestration) |
Custom TCP Rule |
TCP(6) |
443 |
GigaVUE‑FM IP |
Allows G-vTAP Controller to communicate the registration requests to GigaVUE-FM |
||||||||||||||||||
|
Outbound |
Custom TCP Rule |
TCP(6) |
9901 |
G-vTAP Controller IP |
Allows G-vTAP Controller to communicate with G-vTAP Agents |
||||||||||||||||||
|
G-vTAP Agent |
|||||||||||||||||||||||
|
Inbound |
Custom TCP Rule |
TCP(6) |
9901 |
G-vTAP Controller IP |
Allows G-vTAP Agents to communicate with G-vTAP Controller |
||||||||||||||||||
|
Outbound (This is the port used for Third Party Orchestration) |
Custom TCP Rule |
TCP(6) |
8891 |
G-vTAP Agent or Subnet IP |
Allows G-vTAP Agent to communicate with G-vTAP Controller for registration and Heartbeat |
||||||||||||||||||
|
Outbound |
|
|
VXLAN (default 4789) |
G-vTAP Agent or Subnet IP |
Allows G-vTAP Agents to (VXLAN/L2GRE) tunnel traffic to V Series nodes |
||||||||||||||||||
|
GigaVUE V Series V Series Proxy (optional) |
|||||||||||||||||||||||
|
Inbound |
Custom TCP Rule |
TCP |
8890 |
GigaVUE‑FM IP |
Allows GigaVUE‑FM to communicate with V Series Proxy |
||||||||||||||||||
|
Outbound |
Custom TCP Rule |
TCP |
8889 |
V Series 2 node IP |
Allows V Series Proxy to communicate with V Series node |
||||||||||||||||||
|
GigaVUE V Series V Series 2 Node |
|||||||||||||||||||||||
|
Inbound |
Custom TCP Rule |
TCP |
8889 |
|
Allows V Series Proxy or GigaVUE-FM to communicate with V Series node |
||||||||||||||||||
|
Inbound |
|
|
|
G-vTAP Agent or Subnet IP |
Allows G-vTAP Agents to (VXLAN/L2GRE) tunnel traffic to V Series nodes |
||||||||||||||||||
|
Inbound |
UDP |
UDPGRE |
4754 |
Ingress Tunnel |
Allows to UDPGRE Tunnel to communicate and tunnel traffic to V Series nodes |
||||||||||||||||||
|
Outbound |
Custom TCP Rule |
TCP |
5671 |
GigaVUE-FM IP |
Allows GigaVUE V Series Node to send traffic health updates to GigaVUE‑FM |
||||||||||||||||||
|
Outbound |
Custom UDP Rule |
|
VXLAN (default 4789) |
Tool IP |
Allows V Series node to communicate and tunnel traffic to the Tool |
||||||||||||||||||
|
Outbound (optional) |
ICMP |
ICMP |
|
Tool IP |
Allows V Series node to health check tunnel destination traffic |
||||||||||||||||||
The following is the Network Firewall Requirements for V Series 1 node deployment.
|
Direction |
Protocol |
Port Range |
Source and CIDR, IP, or Security Group |
Purpose |
|
|
GigaVUE-FM Inside Azure |
|||||
|
Inbound |
HTTPS |
TCP(6) |
443 |
Anywhere Any IP |
Allows G-vTAP Controllers, GigaVUE V Series Controllers, and GigaVUE-FM administrators to communicate with GigaVUE-FM |
|
G-vTAP Controller |
|||||
|
Inbound |
Custom TCP Rule |
TCP |
9900 |
Custom GigaVUE-FM IP |
Allows GigaVUE-FM to communicate with G-vTAP Controllers
|
|
G-vTAP Agent |
|||||
|
Inbound |
Custom TCP Rule |
TCP |
9901 |
Custom G-vTAP Controller IP |
Allows G-vTAP Controllers to communicate with G-vTAP Agents |
|
GigaVUE V Series Controller |
|||||
|
Inbound |
Custom TCP Rule |
TCP |
9902 |
Custom GigaVUE-FM IP |
Allows GigaVUE-FM to communicate with GigaVUE V Series Controllers |
|
GigaVUE V Series 1 node |
|||||
|
Inbound |
Custom TCP Rule |
TCP |
9903 |
Custom GigaVUE V Series Controller IP |
Allows GigaVUE V Series Controllers to communicate with GigaVUE V Series nodes |
|
VXLAN Traffic |
|||||
|
Inbound |
Custom UDP Rule |
VXLAN |
4789 |
|
Allows mirrored traffic from G-vTAP Agents to be sent to GigaVUE V Series nodes using VXLAN tunnel Allows monitored traffic to be sent from GigaVUE V Series nodes to the tools using VXLAN tunnel |
