Create an NGFW Resource on AWS

Now that you have created rulestacks and rules, you can create an NGFW resource and associate a local rulestack with that NGFW. During the configuration of your NGFW, you must choose how NGFW endpoints are created—automatically or manually. If you chose to manually create NGFW endpoints, you must create NGFW enpoints in the availability zones you specify.
Complete the following steps to create an NGFW.
  1. Select
  2. Click
    Add Firewall
  3. Enter a descriptive
  4. (
    ) Enter a
  5. Select an
    AWS Account
    from the drop-down to associate with this NGFW.
  6. Select a
    from the drop-down.
  7. Select a
    Local Rulestack
    from the drop-down.
  8. Specify AWS availability zones or subnets. You must specify whether or not the Cloud NGFW tenant will (service-managed mode) or will not (customer-managed mode) deploy NGFW endpoints.
    • Yes
      (service-managed)—in service-managed mode, the Cloud NGFW tenant automatically creates NGFW endpoints in the VPC subnets you specify.
    • No
      (customer-managed)—in customer-manged mode, you must manually create NGFW endpoints in each availability zone you specify.
  9. Click

Recommended For You