Palo Alto Networks Next-Generation Firewall AWS Integration

Executive Summary:

As a result of this engagement, you will have a scalable, highly available deployment of Palo Alto Next-Generation Firewalls in the cloud built around vendor and industry best practices. This implementation will allow your network and security teams to extend your existing processes, policies, and workflows seamlessly into the public cloud. This is can be used as a pilot to test Palo Alto or to secure your existing cloud stack through a Management or Shared Service VPC.

Offering Description:

Vandis will work with your network and security teams to integrate Palo Alto Next-Generation Firewalls into their Management or Shared Service VPC on AWS. We will assist with the design and configuration of the VPC, subnets, Network Security Groups (NSGs), and Route Tables and deliver that in a design document.

Throughout the engagement, your organization will work with the Vandis Engineering team to understand your security needs and goals. Vandis will also make recommendations on other solutions that may help achieve your cloud goals.

Deliverables:

Cloud Design Session
- Discuss Cloud Goals
- Discuss current Security Topology
- Discuss underlying Cloud Governance
- Discovery of existing environment
Palo Alto Next-Generation Firewall Deployment:
- VPC topology and address space allocation
- Subnet and network segmentation
- Route Tables
- Network Security Groups/NACLs
- Load Balancers
- Integration of Palo Alto Next-Generation Firewalls into the VPC
  - Integration into existing Panorama (if applicable)
  - Basic Firewall Policies
Palo Alto Next-Generation Firewall Design
- Cloud Templates
- Architectural Design Document

For additional information, please reach out to 516-281-2200 or cloud@vandis.com