Configure the AWS environment

Prepare the AWS environment for the Forcepoint FlexEdge Secure SD-WAN deployment.

These instructions use the AWS web management console. For automated and large scale deployment, we recommend using the AWS command line interface (CLI) tools or lower level programming libraries to communicate with the AWS REST API directly.

These steps provide an overview of the configuration process. For detailed instructions, see the Amazon Elastic Compute Cloud Documentation and the Amazon Virtual Private Cloud Documentation.

Steps

  1. Create the virtual private clouds (VPCs) and the subnet that the Secure SD-WAN Engine will be deployed in.
    You must deploy the Secure SD-WAN Engine in a dedicated subnet.
  2. In the subnet that the Secure SD-WAN Engine will be deployed in, create one or more elastic network interfaces (ENIs).
    Only one ENI is required. You can optionally create more ENIs depending on your environment. Create one ENI for each physical interface that you added to the Single Engine element.
  3. Disable the Source/Dest. check option for each engine interface.
    The Source/Dest. check option prevents packet forwarding to destinations on other interfaces. When the option is enabled, the engine cannot act as a router.


    1. Right-click the ENI interface, then select Change Source/Dest. Check.


    2. From the Source/Dest. check options, select Disabled.
    3. Click Save.
  4. Create the required gateways and routing tables and assign them to subnets.