QMCLOUD
  • What is QMCLOUD
  • Overview
    • Component Details
    • Security and RBAC
    • Dependencies
  • Architecture
  • Main features
  • Installation and Configuration
    • QMCLOUD SaaS
      • SaaS Registration
    • AWS Marketplace
    • Self-hosting
  • User Interface and Navigation
    • Main menu
    • Dashboard
    • General action buttons
    • Stack and Canvas
    • Stack Details
  • Getting started
    • Pre-requisites
    • Login to QMCLOUD
    • Create organization
    • Add Role
    • Add User
    • Add Components
    • Add Stack Profile
    • Add Workspace
    • Add Stack
    • Compose Infrastructure Using the Canvas
    • Add AWS Vpc
    • Add Subnets
    • Connect VPC and Subnets
    • Save Canvas State
    • Deploy the Infrastructure
  • AI Copilot
    • Example deployment using AI Copilot
    • AI Copilot pre-defined prompts
  • Additional resources
    • Explainer video
    • Short video on AI Copilot
    • Quick walkthrough videos
    • Walkthrough of deployment of AWS EKS
  • Examples
    • Deploy AWS Firewall and Networking with QMCLOUD
      • Application and landing zone components
      • List of landing zone components
      • Deployment steps
      • VPC configuration details
      • Routing configuration details
      • Firewall configuration
      • Additional components configuration
    • Securing applications in AWS using Palo Alto firewall
  • Templates
    • AWS Landing Zone
    • AWS EKS
    • Azure Web App
Powered by GitBook
On this page

Was this helpful?

  1. Examples
  2. Deploy AWS Firewall and Networking with QMCLOUD

Firewall configuration

The following firewall configuration was used in the sample deployment

PreviousRouting configuration detailsNextAdditional components configuration

Last updated 2 years ago

Was this helpful?

In AWS the following components are required to programmatically create the firewall infrastructure:

AWS Network Firewall - This represents the firewall that is deployed in AWS and is associated with a VPC. The firewall can be deployed in various models depending on the requirements. In this sample deployment, the firewall is deployed in a public subnet to inspect all ingress and egress traffic

Firewall Policy - The policy is assigned to a firewall and contains the desired rules and behavior of the firewall. Rules are created as part of the rule groups.

Firewall Rule Groups - Firewall rules are either stateless or stateful. Once the rule grops are created, they are associated with a policy. Details of the rules are beyond the scope of this document.

Connections:

The following diagram depicts the appropriate connections. QMCLOUD offers "Auto Connections" feature that connects most commonly used connections on the canvas automatically thus reducing the effort required by the end users.

Configuration and connection for AWS Firewall and its associated components