Overview
Trace3 provides organizations the expertise to build and deploy next generation cloud architectures secured with Palo Alto VM-series firewalls that are scalable and highly available. We use a team of experienced Trace3 Engineers with extensive experience of deployment of both AWS and VM-Series firewalls in cloud environments.
The proposed architecture will follow Palo Alto Network tested and verified reference architectures leveraging one or more of the following design constructs determined through careful consideration of requirements:
- Multiple Availability Zone architecture providing redundancy through AWS ELBs or custom failover code deployed in AWS Lambda
- Transit Gateway integration
- Centralized approach using Gateway Load Balancer and dedicated security VPC
- Dedicated Ingress, Egress and Directional VPCs to support all traffic flows
- Automatic provision using infrastructure as code
- Palo Alto Highly Available Architecture Deployed in single AWS Availability Zone
- Centralized Management of Firewalls using Panorama
Protection and security of cloud computing resources are key challenges that many organizations face. Our solution using the Palo Alto Network VM-Series solves these challenges by protecting AWS workloads through state-of-the-art application visibility, control and advanced threat prevention.
Scope: During this Service, Trace3 will perform the following tasks in a phased approach:
Discover
- Gather Cloud Security Requirements from Customer cloud and security teams
- Gain Access to customer AWS Cloud Environment
- Host discovery sessions with customer to identify traffic patterns to be inspected
- Discover Traffic Patterns and Throughput Characteristics
Design
- Review AWS VPCs, Subnets, Security Groups
- Size PAN VM-Series Firewalls
- Design new AWS Reference Architecture to support Firewall Deployment
- Design new Firewall and Traffic Flow Diagrams to support Firewall Deployment
- Identify Migration Approach for other AWS VPCs in the Organization
Implement
- Deploy Transit Gateway and TGW Attachments
- Deploy new AWS VPCs, Subnets, and Security Groups for Dedicated Traffic Flows
- Deploy Palo Alto VM-Series Firewalls with Load-Balancer and HA Capabilities
- Integrate with On-premise Panorama
- Deploy Initial Policy Sets in Palo Alto Virtual Firewalls
Knowledge Transfer
- Provide Regular KT Checkpoints to educate team on AWS and PAN Setup
Sold by | Trace3 |
Categories | |
Fulfillment method | Professional Services |
Pricing Information
This service is priced based on the scope of your request. Please contact seller for pricing details.
Support
Please contact the Trace3 Cloud Solutions Group for additional details on our approach to implementing a Cloud Security Framework featuring Palo Alto Networks VM-Series Firewalls:
- Phone: 877-575-8877
- Email: AWSMarketplaceSales@trace3.com
- Contact Us: https://www.trace3.com/contact