Fortinet Document Library

AWS Cookbook

6.4.0

Deploying auto scaling on AWS with Transit Gateway integration

FortiGate Autoscale for AWS with Transit Gateway integration is available with FortiOS 6.2.1 and only supports On-Demand instances.

Before you deploy FortiGate Autoscale for AWS with Transit Gateway integration, it is recommended that you become familiar with the following AWS services. If you are new to AWS, see Getting Started.

FortiGate Autoscale for AWS with Transit Gateway integration uses AWS CloudFormation templates (CFTs) to deploy the following components:

  • A highly available architecture that spans two Availability Zones (AZs)
  • An Amazon VPC configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS
  • An Internet gateway to allow access to the Internet
  • In the public subnets, FortiGate-VMs that act as NAT gateways, allowing outbound Internet access for resources in the private subnets
  • In the public subnets, a FortiGate-VM host in an Auto Scaling group (ASG) that complements AWS security groups to provide intrusion protection, web filtering, and threat detection to protect your services from cyber-attacks. It also allows VPN access by authorized users.
  • Amazon API Gateway, which acts as a front door by providing a callback URL for the FortiGate-VM ASG. FortiGate-VMs use the API Gateway to send API calls and to process FortiGate config-sync tasks, which synchronize the OS configuration across multiple FortiGate-VM instances when an Auto Scaling scale-out event occurs. The API Gateway is currently for internal use only. There is no public access available.
  • AWS Lambda, which allows you to run certain scripts and code without provisioning servers. Fortinet provides Lambda scripts for running Auto Scaling. Lambda functions are used to handle Auto Scaling, failover management, AWS CloudFormation deployment, and configuration for other related components.
  • An Amazon DynamoDB database that uses Fortinet-provided scripts to store information about Auto Scaling condition states
  • Site-to-Site VPN connections
