Skip to main content

The Security menu provides features to create a network used by the Deka Prime project. After you have successfully logged in to the Cloudeka Portal Service, click the Security menu on the Deka Prime module. There are two types of edge options, namely NSX-V and NSX-T.

a. NSXV edge type you can see the security details used in General, Firewall, NAT, and Routing to create network routes that will be used by Deka Prime.

Security - NSXV Type


b. NSXT edge type, you can see the security details used in General, Firewall, NAT, and IP Set to enter certain IP addresses into a white list which is also called the IP whitelist.

Security - NSXT Type


Firewall

Firewalls aim to monitor and control network traffic entering and leaving a computer network and protect the network from attacks that can damage it.

Create Firewall

Here are the steps to create a rule on Firewall:

  • On the Security menu click Details.

Create Firewall (a)


  • Select the Firewall tab and click Create Rules.

Create Firewall (b)


  • The Add Rule window displays indicating that you cannot cancel the action because the created rule will be permanently stored, click the Confirm key to continue with the process.

Create Firewall (c)


  • A Successfully updated Rule notification displays which means that the firewall rule was successfully added and will be located on the 2nd line of the last line from the bottom.

Create Firewall (d)


Update Firewall

Here are the steps to upgrade the firewall configuration:

  • On the Security menu click Details.

Update Firewall


  • Select the Firewall tab and select the firewall data to update by clicking the Update icon.

Update Firewall


  • Pada halaman Edit Firewall Rules dapat mengubah Name, Action, menDestination, Source, Service. Setelah memperbaharui firewall klik tombol Save

Update Firewall


  • Show notification “Successfully update firewall”

Update Firewall


Delete Firewall

Here are the steps to remove the firewall configuration:

  • On the Security menu click Details.

Delete Firewall


  • Select the Firewall tab and select the firewall data to update by clicking the Delete icon.

Delete Firewall


Delete Firewall


  • Show notification “Firewall has successfully updated!”

Delete Firewall


NAT

NAT (Network Address Translation) is a technique used in networks to change the host IP address in packets sent between networks. On the NAT tab you can add DNAT, add SNAT, update the DNAT/SNAT configuration, and delete the DNAT/SNAT configuration.

Add DNAT

Here are the steps to add DNAT on the NAT tab.

  • On the Security menu click Details.

Add DNAT


  • Select the NAT tab and click the "+ DNAT Rule" button.

Add DNAT


  • Fill in Applied On, Original IP/Range, Protocol, Translated IP/Range, and Description click the Confirm button to save the DNAT settings.

Add DNAT


Add DNAT


  • “NAT has successfully updated!” notifications are displayed.

Add SNAT

Here are the steps to add SNAT to the NAT tab.

  • On the Security menu click Details.

Add SNAT


  • Select the NAT tab and click the "+ SNAT Rule" button.

Add SNAT


  • Fill in Applied On, Original IP/Range, Protocol, Translated IP/Range, and Description click the Confirm button to save SNAT settings.

Add SNAT


Add SNAT


  • “NAT has successfully updated!” notifications are displayed.

Edit DNAT/SNAT

Here are the steps to upgrade SNAT/DNAT on NAT:

  • On the Security menu click Details.

Edit DNAT/SNAT


  • Select the NAT tab, select the DNS/SNAT data to update and click the “edit” button.

Edit DNAT/SNAT


  • The Edit/DNAT SNAT Rule window displays. Changeable data is Applied On, Original IP/Range, Protocol, Translated IP/Range, and Description click the Confirm button to save the changes.

Edit DNAT/SNAT


Edit DNAT/SNAT


  • Successfully updated NAT Rule notifications are displayed.

Delete DNAT/SNAT

Here are the steps to remove the SNAT/DNAT configuration on NAT:

  • On the Security menu click Details.

Delete NAT


  • Select the NAT tab and select the firewall data to delete and click the Delete icon.

Delete NAT


  • Click Confirm.

Delete NAT


  • Successfully updated NAT Rule notifications are displayed.

Routing

On the Routing tab you can add static routes, modify static routes, and delete created static routes.

Add Static Routes

Here are the steps to add a static route on the Routing tab:

  • On the Security menu click Details.

Add Static Routes


  • Select the Routing tab click the Add icon.

Add Static Routes


  • Enter Network, Next Hop, MTU, Admin Distance, Interface, and Description click Confirm to continue with the process.

Add Static Routes


  • “Static Route has successfully created!” notifications and static routes appear in the Static Routes table.

Add Static Routes


Edit Static Routes

You can change Network, Next Hop, MTU, Admin Distance, Interface, and Description. Here are the steps to change the static route data:

  • On the Security menu click Details.

Edit Static Routes


  • Select the Routing tab and select the static route data to update and click the Update icon.

Edit Static Routes (b)


  • When you finish updating the static route click the Confirm button.

Edit Static Routes (c)


  • “Successfully update static routes” notifications are displayed.

Delete Routes

You can remove a static route created by following these steps:

  • On the Security menu click Details.

Delete Routes (a)


  • Select the Routing tab and select the static route data to delete and click the Delete" icon.

Delete Routes (b)


  • The Delete Routes window displays click the Confirm button to continue with the removal process.

Delete Routes (c)


  • “Successfully update static routes” notifications are displayed.

IP Set

On the IP Set tab you can add IP that can access Deka Prime, update IP Set data, and delete IP sets that have been configured. This tab is only available if you use the NSXT edge type during edge configuration in Network menu.

Add IP Set

Here are the steps to add an IP that will be whitelisted on Deka Prime:

  • On the Security menu page, press the NSX-T Details button.

Add IP Set


- Select the IP Set tab, click the + New button.

Add IP Set


- The Add IP Set window appears.

Add IP Set


- This column Name, Description.

Add IP Set


- Enter the IP address in the Input IP Address column and press the + button to enter it in the IP Address list. Repeat the steps in this section if you want to enter another IP address.

Add IP Set


- Press the Create button to save changes.

Add IP Set


- The addition of the IP address was successful and entered into the IP Set table list.

Add IP Set


Update IP Set

Following are the steps to update IP data that has been whitelisted on Deka Prime:

  • On the Security menu page, press the NSX-T Details button.

Update IP Set


  • Select the IP Set tab and click the Update button.

Update IP Set


  • You can update the Name, Description, and IP Address columns. To add an IP address, enter the IP address in the Input IP Address column then press the + button. Press the Save button to save changes.

Update IP Set


Update IP Set


  • The notification Successfully updated IP Set appears.

Update IP Set


Delete IP Set

Following are the steps to delete IP data that has been whitelisted on Deka Prime:

  • On the Security menu page, press the NSX-T Details button.

Delete IP Set


  • Select the IP Set tab and click the Delete icon.

Delete IP Set


  • Press the Confirm button to continue the process.

Delete IP Set


  • A notification appears

Delete IP Set


×