
Public Cloud Segmentation III - Transit VPCs

Solution Overview
As organizations outsource and abstract infrastructure management to focus on what they do best, public cloud providers are booming. As these organizations migrate to public cloud, Enterprise Segmentation is just as important to securing public cloud environments as it is on-prem. This lab (building on the Public Cloud Segmentation Lab and Public Cloud Segmentation II Lab) uses an Amazon Web Services (AWS) environment to illustrate public cloud segmentation at multi-region scale. AWS is the world's most comprehensive and broadly adopted cloud platform, offering over 165 fully featured services from data centers globally. Millions of customers, including the fastest-growing startups, largest enterprises, and leading government agencies, trust AWS to power their infrastructure, become more agile, and lower costs. The Next-Gen Firewall implemented is from Fortinet, a leading firewall OEM in and outside of the service provider space.

Goals & Objectives

This lab goes over connection strategies for multi-region and multi-account deployments in AWS. 
Technologies used:

1. Inter-region peering
2. Transit VPCs
3. NGFW integration into TVPC

Included is a step-by-step walk-through of setting up a Transit VPC and inter-region peering. The NGFW used is a Fortinet FortiGate.

In summary, in this lab you will:
  • Learn how AWS Transit VPCs are configured
  • Utilize a third-party NGFW (Fortinet) as the segmentation mechanism for this architecture

Hardware & Software

The lab consists of the following hardware, software, and environments:
  • 1 x Windows JumpBox
  • 5 x AWS VPC
  • 1 x Fortinet FortiGate NGFW

Technologies