Generate key pairs and identify AMI

The Amazon Machine Image (AMI) ID is required to deploy the NGFW engines within an AWS region. Both the AMI ID and the AWS Region name are used in the configuration file for this integration.

  1. In the AWS console, search for EC2.
  2. Once you get the search result, select EC2 from the drop-down list.
  3. From the left navigation pane in the Network & Security section, select Key Pairs.
  4. Select Create key pair in the top right.
  5. Do the following on the Create key pair screen:
    1. In the Name field, type "ngfw-tgw-keypair" (all lower case).
    2. Select pem as the file format, and then click Create Key Pair.

    You are redirected to the page where you created the key, and the key pair file is downloaded automatically.

  6. Save this file on your local drive; it is needed to access the EC2 instances deployed as part of this integration.
  7. Once the key pair is created, select Instances from the left navigation pane.
  8. Click Launch Instance and select an Amazon Machine Image (AMI).
  9. In the AMI wizard, search for Forcepoint NGFW and select the AWS Marketplace tab in the left navigation area.
  10. Click the Previous versions link in the Forcepoint NGFW (BYOL) - Next Generation Firewall option.
  11. On the next page, select Continue to Configuration.
  12. On the next page, select the region you want to use; everything else can be left as default. The AMI ID appears below the region drop-down menu.
  13. Save this value in a safe location for future reference.
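
The following shell functions are an added example, not part of the original procedure or of the integration itself. They show one way to handle the two artifacts produced above: the downloaded private key is moved into a private directory and made owner-read-only, and the AMI ID and region are format-checked before being written down. The destination directory, the notes file and its `region=`/`ami_id=` keys are assumptions made for illustration; they are not the integration's configuration file format.

```shell
#!/bin/sh
# Added example: safe handling of the downloaded key pair file and the AMI ID.

# secure_keypair SRC DEST_DIR
# Moves the downloaded .pem into DEST_DIR (assumption: a directory you own,
# such as ~/.ssh) and makes it readable by the owner only. Prints the new path.
secure_keypair() {
    src=$1
    dest_dir=$2
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 1; }
    # Refuse anything whose first line is not a PEM private key header.
    head -n 1 "$src" | grep -Eq '^-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' \
        || { echo "not a PEM private key: $src" >&2; return 1; }
    # The key directory must not be readable by other users.
    mkdir -p "$dest_dir" && chmod 700 "$dest_dir" || return 1
    dest=$dest_dir/$(basename "$src")
    # ssh refuses private keys that are group- or world-readable.
    mv "$src" "$dest" && chmod 400 "$dest" || return 1
    printf '%s\n' "$dest"
}

# record_ami AMI_ID REGION OUT_FILE
# Validates both values before saving them, so that a copy/paste slip is
# caught here and not at deployment time. OUT_FILE is a hypothetical notes file.
record_ami() {
    ami=$1
    region=$2
    out=$3
    # AMI IDs are "ami-" followed by 8 or 17 lowercase hex digits.
    printf '%s\n' "$ami" | grep -Eq '^ami-([0-9a-f]{8}|[0-9a-f]{17})$' \
        || { echo "malformed AMI ID: $ami" >&2; return 1; }
    # Region names look like eu-west-1 or us-gov-west-1.
    printf '%s\n' "$region" | grep -Eq '^[a-z]{2}(-[a-z]+)+-[0-9]+$' \
        || { echo "malformed region: $region" >&2; return 1; }
    # Create the file with owner-only permissions.
    ( umask 077; printf 'region=%s\nami_id=%s\n' "$region" "$ami" > "$out" )
}
```

For example, `secure_keypair ~/Downloads/ngfw-tgw-keypair.pem ~/.ssh` followed by `record_ami <ami-id> <region> ~/ngfw-ami.txt`, where the download path and the notes file name are placeholders.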