Sign in
Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help


SCF: Central Network with Palo Alto Firewalls is a security automation and accelerator-led consulting engagement to design, build and implement Infrastructure as Code (IaC) to deploy a centralized Hub-and-Spoke Network architecture to enable a secure multi-region networked environment for application workloads. Leveraging resource sharing, network resources are centralized in a designated AWS Account and shared with application AWS Accounts to enable application teams to deploy their workloads with minimal management overhead for their VPCs, TGW attachments, route tables, firewall connections and more.

This solution leverages central security inspection for network traffic via Palo Alto Firewalls and Panorama (for management)

NOTE: Licensing costs for Palo Alto Firewalls and Panoramas are not included in this MarketPlace Offering; they must be procured separately.

Accenture will perform scoping/design sessions to determine the appropriate network configuration implementation for the target AWS Control Tower environment. Solution assets will then be deployed according to specifications determined during the collaboration sessions to implement features/capabilities including but not limited to:

  • Creation and implementation of DevOps pipeline for deploying SCF: Central Network with Palo Alto Firewalls solution assets

  • Multi-Region Hub-and-Spoke Network Architecture with Transit Gateways

  • Central Management VPCs for Panorama Infrastructure to manage logs and configuration of Palo Alto Firewalls

  • AutoScaling Palo Alto Firewall Infrastructure integrated with AWS Gateway Loadbalancer for enhanced performance capabilities

  • Multi-region DNS

  • Service Catalog ordering forms and provisioning of VPC resources with automated IP management and resource sharing to target Organizational Units

  • Service Catalog ordering forms and provisioning of Route 53 DNS hostnames

  • VPC Flow Log Generation and Collection for all Vended VPCs

This offering does include support for customers implementing VPN and Direct Connect connections to Transit Gateways that are deployed as part of the SCF: Central Network with Palo Alto Firewalls offering.

NOTE: Direct Connects and VIFs procurement are not included in this MarketPlace offering; they must be procured separately through AWS.

What We Deliver/Deliverables:

  • No-Cost 2-hour working session to evaluate your current AWS Environment and the benefits/capabilities of SCF: Central Network with Palo Alto Firewalls
  • Statement of Work for SCF: Central Network with Palo Alto Firewalls that encompasses Design, Build and Implementation
  • Execution of Statement of Work
  • Recommended Next Steps
Sold by Accenture
Fulfillment method Professional Services

Pricing Information

Dimension Cost
Professional Services Contact seller for rate