Home > Integrated Products > VxRail > Guides > Planning Guide—VMware Cloud Foundation 5.x on VxRail > Firewall rules
The entire list of firewall rules that need to be configured to support every permutation of Cloud Foundation on VxRail is extensive and out of scope for this guide. Dell Professional Services as part of delivery engagement will work with a customer’s network administrators to identify all the firewall rules that needs to be configured before starting a Cloud Foundation on VxRail deployment.
Depending on your organization’s security policies, if a firewall or firewall rules are in place between Cloud Foundation on VxRail VLANs (for example, between the management network of the Management Domain and a VI Workload Domain), then there will be an extensive list of ports that must be opened. You can research the list at https://ports.vmware.com/home. For simplicity’s sake, an any-any trust rule between any of these pairs of subnets would be the most practical option.
There are a few basic firewall rules that need to be in place: