AWS Transit Gateway

The AWS Transit Gateway service provides interconnectivity across thousands of VPCs, AWS accounts, and on-premises networks. It lets you control communications between VPCs and connect to on-premises networks through a single gateway.

This section provides detailed instructions on how to integrate Forcepoint Next Generation Firewall (NGFW) with AWS Transit Gateway using a CloudFormation template. The template includes an auto-scaling template that attaches the NGFW engines to the AWS Transit Gateway using an AWS Lambda function and configures the NGFW engines in the existing Forcepoint Security Management Center (SMC). The resulting deployment provides connectivity from on-premises traffic to networks within AWS VPCs and vice versa.

This CloudFormation template lets system administrators automatically:

  • Deploy all AWS resources necessary to set up NGFW Engines and AWS Transit Gateway.
  • Connect Forcepoint NGFW engines deployed as EC2 instances from the auto-scaling template with an existing Forcepoint SMC.
  • Configure and connect on-premises and EC2-based NGFW engines to bridge traffic between on-premises and AWS workloads.
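To make the Transit Gateway side of this architecture concrete, the following CloudFormation fragment is an added example written for this page; it is not the Forcepoint template described above and does not deploy any NGFW engine, Lambda function or SMC registration. It shows the routing pattern the solution relies on: a "spoke" VPC attachment whose only route is a default route towards the "security" VPC attachment where the firewall engines sit, so that spoke traffic is forced through the inspection VPC instead of reaching other attachments directly. The parameter names, the logical resource names, the `inspection-tgw` tag and the private ASN 64512 are all constructed for this example; the on-premises attachment (VPN or Direct Connect) is deliberately left out.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  Added example (not the Forcepoint template): Transit Gateway with one
  security VPC attachment and one spoke VPC attachment. Spoke traffic is
  defaulted to the security VPC for inspection.

Parameters:
  # Assumed inputs: the VPC hosting the firewall engines and one workload VPC.
  SecurityVpcId:
    Type: AWS::EC2::VPC::Id
  SecurityVpcSubnetIds:
    Type: List<AWS::EC2::Subnet::Id>
  SpokeVpcId:
    Type: AWS::EC2::VPC::Id
  SpokeVpcSubnetIds:
    Type: List<AWS::EC2::Subnet::Id>

Resources:
  TransitGateway:
    Type: AWS::EC2::TransitGateway
    Properties:
      AmazonSideAsn: 64512                  # constructed private ASN
      # Disable the default association/propagation so that no attachment
      # can talk to another one unless a route table below allows it.
      DefaultRouteTableAssociation: disable
      DefaultRouteTablePropagation: disable
      Tags:
        - Key: Name
          Value: inspection-tgw

  SecurityVpcAttachment:
    Type: AWS::EC2::TransitGatewayAttachment
    Properties:
      TransitGatewayId: !Ref TransitGateway
      VpcId: !Ref SecurityVpcId
      SubnetIds: !Ref SecurityVpcSubnetIds

  SpokeVpcAttachment:
    Type: AWS::EC2::TransitGatewayAttachment
    Properties:
      TransitGatewayId: !Ref TransitGateway
      VpcId: !Ref SpokeVpcId
      SubnetIds: !Ref SpokeVpcSubnetIds

  # Route table used by spoke attachments: a single default route that points
  # at the security VPC, so every spoke packet is handed to the firewall VPC.
  SpokeRouteTable:
    Type: AWS::EC2::TransitGatewayRouteTable
    Properties:
      TransitGatewayId: !Ref TransitGateway

  SpokeRouteTableAssociation:
    Type: AWS::EC2::TransitGatewayRouteTableAssociation
    Properties:
      TransitGatewayAttachmentId: !Ref SpokeVpcAttachment
      TransitGatewayRouteTableId: !Ref SpokeRouteTable

  SpokeDefaultRoute:
    Type: AWS::EC2::TransitGatewayRoute
    Properties:
      TransitGatewayRouteTableId: !Ref SpokeRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      TransitGatewayAttachmentId: !Ref SecurityVpcAttachment

  # Route table used by the security attachment: spoke CIDRs are propagated
  # into it so that return traffic from the firewall VPC finds its way back.
  SecurityRouteTable:
    Type: AWS::EC2::TransitGatewayRouteTable
    Properties:
      TransitGatewayId: !Ref TransitGateway

  SecurityRouteTableAssociation:
    Type: AWS::EC2::TransitGatewayRouteTableAssociation
    Properties:
      TransitGatewayAttachmentId: !Ref SecurityVpcAttachment
      TransitGatewayRouteTableId: !Ref SecurityRouteTable

  SpokeRoutePropagation:
    Type: AWS::EC2::TransitGatewayRouteTablePropagation
    Properties:
      TransitGatewayAttachmentId: !Ref SpokeVpcAttachment
      TransitGatewayRouteTableId: !Ref SecurityRouteTable

Outputs:
  TransitGatewayId:
    Value: !Ref TransitGateway
```

The check worth making after a stack like this is deployed is that the spoke route table contains nothing except the default route to the security attachment: if default propagation had been left enabled, or a second spoke had been propagated into `SpokeRouteTable`, spoke-to-spoke traffic would bypass the firewall VPC entirely. Inside the security VPC, the subnet route tables must in turn send the spoke CIDRs to the NGFW engines and send traffic destined for the spokes back to the Transit Gateway attachment, which is the part the Forcepoint template and its Lambda function handle for the auto-scaled engines.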

The following diagram shows the workflow between the components involved in this solution: