About Vlans And Tenants - Watchguard V10 User Manual

rity appliance. This reduces the cost of providing firewall
and VPN services to all tenants.
In addition to VLAN-type tenants, all Vclass security
appliances allow administrators to apply security policies
to VLAN-like tenants in a non-VLAN environment. This
type of tenancy is called a user domain. By logging on and
providing a user ID, password, and domain name to a
Vclass security appliance, an end user can access the Inter-
net or use VPN policies defined for his or her specified
domain. Creating user-domain tenant policies is an easy
way to achieve multi-tenant application without the need
for VLAN hardware. This is especially useful when tenants
cannot be distinguished by different IP subnets.
VLANs and VLAN Tenants are not supported in Transparent
Mode.

About VLANs and tenants

VLANs have become increasingly popular for both corpo-
rate networks and service providers as a way of partition-
ing a network into discrete regions. VLANs can also be
used to segregate a number of users who need to remain
separate from one another.
The Firebox Vclass appliance permits you to use VLAN
tags or IDs as part of the traffic specification in a policy, so
that your appliance can route traffic to and from a VLAN
segment by means of a VLAN switch. This permits bidirec-
tional traffic from the VLAN segment to other segments,
network regions, or to the Internet.
To assist network administrators in creating security poli-
cies for use in a VLAN-enabled environment, Vcontroller
allows definitions of VLAN tenants, which can be used as
part of the traffic specification in security policies. The
VLAN tenant entry represents the VLAN ID embedded in
a data stream packet that will be used by the VLAN switch.
Firebox Vclass User Guide
N
OTE
Using Tenants
187