2 Answers
- Newest
- Most votes
- Most comments
0
You can follow this blog to transitioning from Network Virtual appliances to Network Firewall.
Following deployment models are explained in this blog -
- Distributed AWS Network Firewall deployment model: AWS Network Firewall is deployed into each individual VPC.
- Centralized AWS Network Firewall deployment model: AWS Network Firewall is deployed into centralized VPC for East-West (VPC-to-VPC) and/or North-South (internet egress and ingress, on-premises) traffic. We refer to this VPC as inspection VPC throughout this blog post.
- Combined AWS Network Firewall deployment model: AWS Network Firewall is deployed into centralized inspection VPC for East-West (VPC-to-VPC) and subset of North-South (On Premises/Egress) traffic. Internet ingress is distributed to VPCs which require dedicated inbound access from the internet and AWS Network Firewall is deployed accordingly.
You can refer this blog for routing configuration however this is GLB use case.
https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-inspection-architecture-with-aws-gateway-load-balancer-and-aws-transit-gateway/
answered 3 years ago
Relevant content
- Accepted Answerasked 3 years ago
- asked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- How do I monitor my transit gateway and Site-to-Site VPN on a transit gateway using Network Manager?AWS OFFICIALUpdated 2 years ago