Deploying and configuring ELB-based HA/load balancing
AWS provides a service called Elastic Load Balancer (ELB). In this scenario, ELB is protected using a FortiGate-VM, which provides more security and reliability to the existing cloud infrastructure.
ELBs are load balancers provided by AWS. They operate externally (Internet-facing) or internally. An external ELB is normally accessible from the Internet and distributes traffic as it enters a VPC. An internal ELB has similar capabilities but is only accessible within a VPC.
Like other load balancers, ELB can be configured as an external ELB that is accessible from the Internet and distributes traffic as it enters a VPC, or as an internal ELB which has similar functions and is only accessible inside a VPC. This section helps you get started with AWS ELB and FortiGate-VM configuration in an AWS environment.
Using this configuration, an IT administrator can place an application server inside a private subnet. The application server can provide web applications, terminal services, or general purpose Internet service. The access is fully protected and logged by the FortiGate-VM.
The design shows that application servers are fully separated between two subnets for active-active configuration. The load is divided evenly in this configuration.