DLP deployment in a public cloud environment
Several options are available for deploying Forcepoint DLP in a public cloud environment. Supported public cloud infrastructure vendors are Microsoft Azure and Amazon AWS. Deployment options include:
- Full deployment, in which the management server, DLP Supplementary servers, and agents all reside in an Azure or AWS environment.
  When implementing a full deployment in Azure or AWS, all cloud-based virtual machines (VMs) must be connected to a virtual network so that they can communicate with one another. The appropriate firewall ports must be configured for inbound and outbound traffic. These are the same ports as for on-premises installations; see System requirements for more information. Ports 80 and 443 must be open for external communication. Static IPs must be used.
- Hybrid deployment, in which the management server resides on-premises and connects with agents in Azure or AWS via a site-to-site VPN.
  When implementing a hybrid deployment in Azure or AWS, a site-to-site VPN is required for communication between the on-premises management server and the agents in the cloud. Static IPs must be used.
Refer to the Forcepoint DLP Installation Guide for instructions on installing Forcepoint DLP in AWS.
Refer to the following resources for general information on public cloud deployment:
- Microsoft Azure documentation
- Amazon AWS documentation