Egress FireNet for AWS

| Parameter | Description |
| --- | --- |
| Name | A name for the Transit FireNet |
| Cloud (pre-populated if creating on an existing Transit gateway) | Select Cloud type: Standard, GovCloud, China |
| Account (pre-populated if creating on an existing Transit gateway) | The cloud access account for creating the Transit FireNet Gateway. |
| Region (pre-populated if creating on an existing Transit gateway) | The cloud region in which to create the Transit FireNet Gateway. |
| VPC/VNet | The VPC or VNet in the selected region in which to create the Spoke Gateway. |
| Instance Size | Minimum size: c5.xlarge. The minimum size may vary if HPE is enabled. |
| High Performance Encryption (HPE) | Turn On HPE for the FireNet deployment, for higher throughputs. |
| Peer to Spoke Gateways (optional) | Select pre-existing Spoke gateways to connect to the Transit FireNet gateway. Traffic from these Spoke gateways is sent to the Transit FireNet gateway for firewall inspection. |
| Attach to Subnet | FireNet is launched in this public subnet. |
| Public IP | Allocate a new, static public IP address to the new Transit gateway. |
| Gateway Load Balancer | Slide On to enable the AWS Gateway Load Balancer (differs from the Native AWS Load Balancer, which is part of the AWS TGW FireNet workflow). If the Gateway Load Balancer option was turned On as part of the Transit Gateway creation workflow (for AWS), it will be On and disabled in the Transit FireNet creation workflow. If the Gateway Load Balancer option was left Off as part of the Transit Gateway creation workflow (for AWS), it will be Off and disabled in the Transit FireNet creation workflow. |
| Traffic Inspection | Off by default. This means that only egress traffic will be inspected/routed to a firewall. |
| Egress | Egress (Internet-bound) traffic inspection is On and disabled by default. |