Listing Thumbnail

    Trace3 Palo Alto Firewall Architecture and Implementation in AWS

     Info
    Sold by: Trace3 
    As an AWS Advanced Consulting Partner, Trace3 provides expertise in Palo Alto VM Series Firewalls and how to deploy them in AWS to support multiple traffic patterns: East-West and North-South.
    Listing Thumbnail

    Trace3 Palo Alto Firewall Architecture and Implementation in AWS

     Info
    Sold by: Trace3 

    Overview

    Trace3 provides organizations the expertise to build and deploy next generation cloud architectures secured with Palo Alto VM-series firewalls that are scalable and highly available. We use a team of experienced Trace3 Engineers with extensive experience of deployment of both AWS and VM-Series firewalls in cloud environments.

    The proposed architecture will follow Palo Alto Network tested and verified reference architectures leveraging one or more of the following design constructs determined through careful consideration of requirements:

    • Multiple Availability Zone architecture providing redundancy through AWS ELBs or custom failover code deployed in AWS Lambda
    • Transit Gateway integration
    • Centralized approach using Gateway Load Balancer and dedicated security VPC
    • Dedicated Ingress, Egress and Directional VPCs to support all traffic flows
    • Automatic provision using infrastructure as code
    • Palo Alto Highly Available Architecture Deployed in single AWS Availability Zone
    • Centralized Management of Firewalls using Panorama

    Protection and security of cloud computing resources are key challenges that many organizations face. Our solution using the Palo Alto Network VM-Series solves these challenges by protecting AWS workloads through state-of-the-art application visibility, control and advanced threat prevention.

    Scope: During this Service, Trace3 will perform the following tasks in a phased approach:

    Discover

    • Gather Cloud Security Requirements from Customer cloud and security teams
    • Gain Access to customer AWS Cloud Environment
    • Host discovery sessions with customer to identify traffic patterns to be inspected
    • Discover Traffic Patterns and Throughput Characteristics

    Design

    • Review AWS VPCs, Subnets, Security Groups
    • Size PAN VM-Series Firewalls
    • Design new AWS Reference Architecture to support Firewall Deployment
    • Design new Firewall and Traffic Flow Diagrams to support Firewall Deployment
    • Identify Migration Approach for other AWS VPCs in the Organization

    Implement

    • Deploy Transit Gateway and TGW Attachments
    • Deploy new AWS VPCs, Subnets, and Security Groups for Dedicated Traffic Flows
    • Deploy Palo Alto VM-Series Firewalls with Load-Balancer and HA Capabilities
    • Integrate with On-premise Panorama
    • Deploy Initial Policy Sets in Palo Alto Virtual Firewalls

    Knowledge Transfer

    • Provide Regular KT Checkpoints to educate team on AWS and PAN Setup

    Highlights

    • Leverage Trace3's experience with implementing PAN firewalls into Large Enterprise client's AWS Environments
    • Deploy Inspection of Cloud Traffic Flows in Ingress, Egress, and Directional (East-West) Traffic Patterns
    • Utilize enhanced security features of Palo Alto Next-Generation VM-Series Firewalls in the Cloud

    Details

    Sold by

    Delivery method

    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support

    Please contact the Trace3 Cloud Solutions Group for additional details on our approach to implementing a Cloud Security Framework featuring Palo Alto Networks VM-Series Firewalls: