The FortiGate Enterprise Firewall for Amazon Web Services (AWS) is deployed as a virtual appliance in AWS (IaaS). This section shows you how to install and configure a single-instance FortiGate virtual appliance in AWS to provide a full NGFW/UTM security solution that protects your workloads in the AWS IaaS.
Networking is a core component of using AWS services, and using virtual private clouds (VPCs), subnets, and virtual gateways helps you secure your resources at the networking level.
This section covers the deployment of simple web servers, but this type of deployment can be used for any type of public resource protection, with only slight modifications. With this architecture as a starting point, you can implement more advanced solutions, including multi-tiered solutions.
In the example, two subnets are created: Subnet1, which is used to connect the FortiGate-VM to the AWS Virtual Gateway on the public-facing side, and Subnet2, which is used to connect the FortiGate-VM and the Windows server on the private side.