We have deployed autoscale security gateway on AWS cloud only for Northbound traffic to protect web application hosted in AWS customer account.
All application are publicly published and can be access from Internet.
Below is the traffic flow:
User access web application from internet--->traffic came to route53 and resolved in load balancer Ip adddress--->>when external load received the traffic and do the Ssl termination and sent the traffic to target group---->>Target Group is Cloudguard IaaS firewall----->Internal LB--->application hosted server.
My query is here that when External load balancer doing the ssl termination and sent the decrypted to Cloudguard IaaS.
Is it require to do https inspection on Cloudguard IaaS for received decrypted traffic from external LB?
If I am not doing https inspection because received traffic from external LB is already decrypted. Will my enabled blade on firewall do inspect of these traffic.
Please guide me to do correct deployment