A company is utilizing third-party firewall appliances for traffic monitoring and inspection on-premises and aims to replicate this model on AWS. They have a single VPC with an internet gateway and a fleet of web servers running on Amazon EC2 instances managed by an Auto Scaling group. The network team must collaborate with the security team to enable inline inspection of all packets sent to and from the web servers, ensuring the solution scales with the virtual firewall appliances.

Which three steps should the network team take to implement this solution? (Choose three.)

Exam-Like

Create a new VPC, and deploy a fleet of firewall appliances. Create a Gateway Load Balancer. Add the firewall appliances as targets.

Create a security group for use with the firewall appliances, and allow port 443. Allow a port for the Galeway Load Balancer to perform health checks.

Create a security group for use with the firewall appliances, and allow port 6081. Allow a port for the Gateway Load Balancer to perform health checks.

Deploy a fleet of firewall appliances to the existing VPC. Create a Gateway Load Balancer. Add the firewall appliances as targets.

Update the internet gateway route table and the web server route table to send traffic to and from the internet to the VPC endpoint ID of the Gateway Load Balancer. Update the subnet route table that is associated with the Gateway Load Balancer endpoint to direct internet traffic to the internet gateway.

AWS Certified Advanced Networking - Specialty

Get started today

Comments