Configure all firewalls
to use security policies and profiles based on the Best Practice Internet Gateway
Security Policy. In this reference deployment, this includes
the Santa Clara Gateway in the co-location space and gateways in
the AWS/Azure public cloud.
Configure Policy-Based Forwarding rules
for all gateways in AWS to forward traffic to certain websites through
the Santa Clara Gateway. This ensures that sites like www.stubhub.com
and www.lowes.com that block traffic from AWS IP address ranges
are still accessible when users connect to gateways in AWS.