IntroductionYou can deploy Forcepoint Next Generation Firewall in the Amazon Web Services (AWS) cloud to provide VPN connectivity, access control, and inspection for services in the AWS cloud.
Deploying Forcepoint NGFW in the AWS cloud You can deploy Forcepoint NGFW in the AWS cloud using 1-Click Launch or using Manual Launch when you have an existing SMC installation.
Configure HAAfter you have deployed two NGFW Engines, configure high availability (HA).
Managing Forcepoint NGFW Engines using the SSM AgentYou can use the AWS Systems Manager Agent (SSM Agent) to manage Forcepoint NGFW Engines that are deployed in the AWS cloud using the same AWS tools that are used for other AWS resources.
MaintenanceAll configuration information for the NGFW Engines is stored on the Management Server component of the SMC. After deployment, you can manage NGFW Engines in the AWS cloud using the Management Client component of the SMC in the same way as other NGFW Engines.
Troubleshooting in the AWS consoleYou can use diagnostics information provided by the AWS console for troubleshooting.
Example deployment This example shows a deployment in an example network environment.
Configuring VPC ingress routing for an Internet gatewayVPC ingress routing can direct all traffic from an edge location, such as the Internet or a VPN gateway, through the Forcepoint NGFW Engine before reaching its final destination. These instructions describe how to configure VPC ingress routing for an Internet gateway.
Configuring a route-based VPN to AWS with BGPThe configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and private subnets. A virtual private gateway enables communication with your own on-premises network over an IPsec VPN tunnel. All routing configuration is done using BGP.
Find product documentationIn the Forcepoint Customer Hub, you can find information about a released product, including product documentation, technical articles, and more.