Policy Configurations

  • Configure all firewalls to use security policies and profiles based on the Best Practice Internet Gateway Security Policy. In this reference deployment, this includes the Santa Clara Gateway in the co-location space and gateways in the AWS/Azure public cloud.
  • Enable SSL Decryption on all gateways in AWS and Azure.
  • Configure Policy-Based Forwarding rules for all gateways in AWS to forward traffic to certain websites through the Santa Clara Gateway. This ensures that sites like www.stubhub.com and www.lowes.com that block traffic from AWS IP address ranges are still accessible when users connect to gateways in AWS.

Related Documentation