Q: What does the AWS Network Firewall Deployment Automations for AWS Transit Gateway solution do?

A: AWS Network Firewall Deployment Automations for AWS Transit Gateway configures the AWS resources needed to inspect and filter VPC-to-VPC (East-West) traffic. With this solution, you can inspect hundreds or thousands of Amazon VPCs and accounts in one place. This solution saves you time by automating the process of provisioning a centralized AWS Network Firewall to inspect traffic between VPCs. You can also centrally configure and manage your AWS Network Firewall, firewall policies, and rule groups.

Q: How much does this solution cost?

A: As of February 2021, the estimated cost for running this solution for two network firewall endpoints in two availability zones, 5 GB of traffic per day, with default settings in the US East (N. Virginia) Region is approximately $620.55 per month. For more information, refer to the solution implementation guide.

Q: Who should use this solution?

A: This solution is ideal for large organizations with a general need for centralized inspection and filtering of the traffic between their Amazon VPCs across multiple accounts within their AWS environment.

Q: How do I get started?

A: Before you launch the solution, review the architecture overview, components, and deployment considerations discussed in the implementation guide. To get started, launch the AWS CloudFormation template that deploys the solution in your primary AWS account. The default configuration deploys AWS Network Firewall, Amazon VPC, AWS Transit Gateway, AWS CodeCommit Repository, AWS CodeBuild, AWS CodePipeline, and Amazon CloudWatch. Refer to the steps described in the implementation guide to launch the default configuration, or use the AWS Cloud Development Kit (AWS CDK) construct provided on GitHub to customize the template to meet your specific needs.

Q: How does this solution differ from AWS Network Firewall?

A: This solution adds automation on top of AWS Network Firewall. AWS Network Firewall is a managed service that gives you granular visibility and control of your network traffic, allowing you to accomplish network segmentation, egress domain filtering, and intrusion prevention through event-driven logging.

Q: How can I extend the AWS Network Firewall Deployment Automations for AWS Transit Gateway?

A: You can use the AWS Cloud Development Kit (AWS CDK) to customize the primary AWS CloudFormation template and its default configuration.

Q: Can I deploy AWS Network Firewall Deployment Automations for AWS Transit Gateway in any AWS Region?

A: Customers must deploy the solution in AWS Regions where AWS Network Firewall is available. For more information, refer to the AWS Regional Services List.
