Integration of CloudGuard Network Security with AWS Cloud WAN Service
AWS Cloud WAN is a managed wide-area networking (WAN) service that organizations can use to build, manage, and monitor a unified global network that connects resources running across hybrid environments. It lets them use simple network policies to centrally configure and automate network management and security tasks, and gives them a complete view of their global network.
AWS Cloud WAN is valuable for customers who are operating in multiple regions and trying to simplify their operational overhead. Additionally, this new service is compelling for customers who require complex peering, routing, and automated configurations but prefer to expend less time and effort maintaining, monitoring and building these resilient deployments.
SK with Overview, Best Practices, Reference Architecture, and CFTs: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Bear in mind that the solution is based on AWS TGW. Currently, AWS does not support TGW Appliance mode attachment on AWS Cloud WAN, and as a result, East-West traffic inspection is supported only between subnets that belong to the same AZ.
TGW appliance mode should be supported by the end of the year, and only then will the cross-AZ inspection limitation be removed.