You can deploy Forcepoint Next Generation Firewall in the Amazon Web Services (AWS) cloud to provide VPN connectivity, access control, and inspection for services in the AWS cloud.

You can deploy Forcepoint NGFW in the AWS cloud using 1-Click Launch or using Manual Launch when you have an existing SMC installation.

After you have deployed two NGFW Engines, configure high availability (HA).

You can use the AWS Systems Manager Agent (SSM Agent) to manage Forcepoint NGFW Engines that are deployed in the AWS cloud using the same AWS tools that are used for other AWS resources.

All configuration information for the NGFW Engines is stored on the Management Server component of the SMC. After deployment, you can manage NGFW Engines in the AWS cloud using the Management Client component of the SMC in the same way as other NGFW Engines.

You can use diagnostics information provided by the AWS console for troubleshooting.

This example shows a deployment in an example network environment.

VPC ingress routing can direct all traffic from an edge location, such as the Internet or a VPN gateway, through the Forcepoint NGFW Engine before reaching its final destination. These instructions describe how to configure VPC ingress routing for an Internet gateway.

The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and private subnets. A virtual private gateway enables communication with your own on-premises network over an IPsec VPN tunnel. All routing configuration is done using BGP.

In the Forcepoint Customer Hub, you can find information about a released product, including product documentation, technical articles, and more.