Single FortiGate-VM deployment
You can deploy the FortiGate-VM enterprise firewall for AWS as a virtual appliance in AWS (IaaS). This section shows you how to install and configure a single instance FortiGate-VM in AWS to provide a full NGFW/unified threat management security solution to protect your workloads in the AWS IaaS.
Networking is a core component in using AWS services, and using VPCs, subnets, and virtual gateways help you to secure your resources at the networking level.
This section covers the deployment of simple web servers, but you can use this type of deployment for any type of public resource protection, with only slight modifications. With this architecture as a starting point, you can implement more advanced solutions, including multitiered solutions.
In the example, two subnets are created: Subnet1, which is used to connect the FortiGate-VM to the AWS virtual gateway on the public-facing side, and Subnet2, which is used to connect the FortiGate-VM and the Windows server on the private side.