Difference between Managed FW and vFW on configuration

Firewall
(Bocade5600vRouer)
Managed FiewallNotes
10.1. Customer Portable-use Application and Operation MethodsAccess to Security Control Panel
10.1.1. Firewall instance application method1.1.1. Creating a New Device (Single Constitution)
1.1.4. Creating a New Device (HA Constitution)
10.1.2. Firewall Instance Operation MethodBasic Settings
10.1.3. Connect to a Logical Network2.1.2.1. Single Constitution Interface Setting
2.1.13.1. Single Constitution Network Management
2.1.2.2. HA Constitution Interface Setting
2.1.13.2. HA Constitution Network Management
10.1.4. Registration of Communication Settings for VRRP※This function is managed by NTT Com as managed-service.
(Customers cannot operate this function by theirselves.)
10.1.5. Firewall instance deletion method1.1.3. Removing a Device (Single Constitution)
1.1.6. Removing Devices (HA Constitution)
10.2.1. Logging in to Brocade 5600 vRouter (Vyatta)2.1. Managed Firewall / Managed UTM
10.2.1.1. Brocade 5600 vRouter CLI access method (SSH)N/A
10.2.1.2. Brocade 5600 vRouter GUI access method (Control Panel)Access to Security Control Panel
10.2.2. Network setting2.1. Managed Firewall / Managed UTM
10.2.2.1. Default Gateway2.1.3.1. Single Constitution Routing
2.1.3.2. HA Constitution Routing
10.2.2.2. Static Route2.1.3.1. Single Constitution RoutingManaged Firewall:The maximum number of static routes to be set is 500.
2.1.3.2. HA Constitution Routing
Setting a static route having a host (IP address) specified for a destination2.1.3.1. Single Constitution Routing
2.1.3.2. HA Constitution Routing
Setting a static route having a network address specified for a destination2.1.3.1. Single Constitution Routing
2.1.3.2. HA Constitution Routing
Setting a static route which shares the same interface between InputIF and OutputIFN/A
10.2.2.3. VRRP1.1.1. Creating a New Device (Single Constitution)
2.1.2.2. HA Constitution Interface Setting
Redundancy check with VRRP※This function is managed by NTT Com as managed-service.
(Customers cannot operate this function by theirselves.)
Checking VRRP switching※This function is managed by NTT Com as managed-service.
(Customers cannot operate this function by theirselves.)
10.2.2.4. NAT2.1.4. Setting up a Object
NAT conversion of a source IP addressSource NAT SettingsManaged Firewall:The number of Source NAT Objects is 1000.
NAT conversion of a destination IP AddressDestination NAT SettingManaged Firewall:The number of Destination NAT Objects is 1000.
NAPT Conversion of a Source IP AddressSource NAT Settings
NAT conversion of a destination IP address from a destination IP address and port numberDestination NAT Setting
Setting the source IP address-specified NAPT and the combination for NAT conversion from a destination IP address/port number to a destination IP addressDestination NAT Setting
Source NAT Settings
10.2.3. Firewall Settings2.1.6. Setting up a Firewall PolicyManaged Firewall:The maximum number of Policies to be set is 1000.
10.2.3.1. Packet Filtering2.1.6. Setting up a Firewall Policy
Filtering Settings Which Use Source IP Addresses (Direct Specification/ Range Specification/ Address Group)2.1.6. Setting up a Firewall Policy
Setting (acceptance/ rejection) for source IP and services (port number/ service group)2.1.6. Setting up a Firewall Policy
Filtering settings which use destination IP addresses (direct specification/ range specification/ address group).2.1.6. Setting up a Firewall Policy
Setting (acceptance/ rejection) for destination IP and services (port number/ service group)2.1.6. Setting up a Firewall Policy
Setting for Making the Packet Filtering Function Operate in the Stateful Manner※Stateful Firewall as default.
Setting Change for the Case Where the Stateful Function Has Been Enabled for All Packet Filtering Rules※Stateful Firewall as default.
Setting of the Combination of the Packet Filtering Function and NAT Operations2.1.6. Setting up a Firewall Policy
10.2.3.2. Address GroupAddress Group SettingsManaged Firewall:The maximum number of Address Objects to be set is 1000.
Managed Firewall:The maximum number of Address Groups to be set is 1000.
Firewall(Brocade 5600 vRouter):The maximum number of Address Groups to be set is 32.
10.2.3.3. Setting of a service groupHow to Setting up Service Group .Managed Firewall:The number of Service Objects is 500.
Managed Firewall:The maximum number of Sevice Groups to be set is 250.
Managed Firewall:The number of Service Objects which can be registered for each Service Group is 100.
10.2.3.4. Zone-Base Firewall SettingN/A
Setting a single interface to a single zoneN/A
Setting Multiple Interfaces to a Single ZoneN/A
Filtering setting for traffic from zone “z2” to another zone “z3”N/A
Filtering setting for return from another zone “z3” to zone “z2”N/A
10.2.4. Bandwidth control settingN/A
10.2.4.1. Bandwidth Restriction (Upper-limit) SettingN/A
10.2.4.2. Priority Setting (DSCP Marking)N/A
10.2.4.3. Weighting Control Setting (WRR)N/A
10.2.4.4. Priority Control SettingN/A
10.2.5. VPN settingN/A
10.2.5.1. Connections using the IPsec (inter-site tunnel) functionN/A
10.2.5.2. Remote Access VPN Using L2TP/IPsecN/A
10.2.5.3. Connections Using the OpenVPN (Inter-site Tunnel) FunctionN/A
10.2.5.4. Connections using the OpenVPNN/A
10.2.6. Operation management setting※This function is managed by NTT Com as managed-service.
(Customers cannot operate this function by theirselves.)
10.2.6.1. Monitoring-setting with the SNMP Function※This function is managed by NTT Com as managed-service.
(Customers cannot operate this function by theirselves.)
10.2.6.2. Log Management Setting with the Syslog Function2.1.8. Setting up the Log Sending Settings to a Customer Managed Syslog Server.Managed FW: The destionation of Syslog is 1.
10.2.7. Functions for Maintenance Personnel2.1.14.1. Device Management Summary Display
10.2.7.1. How To Check Machine Status2.1.14.1. Device Management Summary Display
Version check※This function is managed by NTT Com as managed-service.
(Customers cannot confirm this function by theirselves.)
Memory consumption check2.1.12. Device KPI
Interface status check2.1.14.1. Device Management Summary Display
 2.1.2.1. Single Constitution Interface Setting
 2.1.13.1. Single Constitution Network Management
 2.1.2.2. HA Constitution Interface Setting
 2.1.13.2. HA Constitution Network Management
ARP status checkN/A
VRRP status check2.1.14.2. Device Management Detail Screen
Routing status check2.1.14.2. Device Management Detail Screen
NAT status check2.1.14.2. Device Management Detail Screen
VPN status checkN/A
Firewall status check2.1.14.2. Device Management Detail Screen
Syslog message check2.1.15. Log Analytics
10.2.7.2. How to Check When a Failure Occurs2.1.14.1. Device Management Summary Display
VRRP failure2.1.14.1. Device Management Summary Display
IPsec failureN/A
Instance restart※This function is managed by NTT Com as managed-service.
(Customers cannot operate this function by theirselves.)
10.2.7.3. How To Check Communications (Ping)2.1.13.1.3. Ping Execution
10.2.7.4. Communication Route Check Method (Traceroute)N/A
10.2.8. Configuration management※This function is managed by NTT Com as managed-service.
(Customers can confirm on GUI)
10.2.8.1. Configuration save※This function is managed by NTT Com as managed-service.
(Screen capture of GUI settings)
10.2.8.2. Preparation for configuration restoration※This function is managed by NTT Com as managed-service.
(Screen capture of GUI settings)
10.2.8.3. Configuration restoration※This function is managed by NTT Com as managed-service.
(Input from GUI)
10.2.9. Migration between Different Versions※Excluded
Migration between different versions (Method 1)※Excluded
Migration between different versions (Method 2)※Excluded
10.2.10. (Reference) Firewall performance measurement resultPresented separatedly
10.2.10.1. Non-encryption communication testN/A
10.2.10.2. Encryption communication testN/A
10.2.11. (Refference)Brocade 5600 vRouter Userguide※Excluded
10.2.11.1. Brocade5600 vRouter RESOURCE LIBRARY (Version:5.2R4)※Excluded
10.2.11.2. Brocade5600 vRouter RESOURCE LIBRARY (Version:4.2R1)※Excluded
10.2.11.3. Brocade5600 vRouter RESOURCE LIBRARY (Version:3.5R6)※Excluded
10.3. Usage model operation confirmed※Excluded
10.3.1. Example of firewall / load balancer configuration on web site publication (two-arm)
10.3.2. Firewall / load balancer configuration example on WEB site publication (one arm)
10.3.3. Site-to-site VPN configuration example
10.3.4. Remote access VPN configuration example
10.3.5. Example of NAT configuration when using Common Functions via firewall
Enterprise Cloud 2.0 Inter-ConnectivityN/A
(Refferance) Dynamic Routing (OSPF/BGP)N/A