AWS Gateway Installation Overview
The BlastShield Gateway software is available as an AMI to deploy as a virtual Gateway in AWS EC2. The Virtual Gateway provides protection of EC2 and RDS instances by providing micro-segmentation and zero-trust access controls plus built-in password-less multi-factor authentication of connected users. Proected instances will be rendered invisible and isolated from unauthorised users.
Summary
Installation of a new Gateway instance in AWS requires the following primary workflows:
Create a BlastShield™ Gateway instance in the Orchestrator and launch the Gateway AMI in AWS.
Add Endpoints, configure AWS security groups and BlastShield Policy.
AWS Gateway prerequisites
Tip
The prerequisites for the AWS Gateway installation are listed below.
You have registered and you have read/write access to your BlastShield™ Orchestrator
You have a working AWS account and admin permissions.
You have created a standard AWS VPC with an internet gateway and at least one subnet.
Deployment architecture
The BlastShield Gateway AMI may simply be deployed inside your VPC and it will protect any EC2 or RDS instances in the VPC which you configure as endpoints. The Endpoints do not need to be in the same subnet as the Gateway, they need only be reachable by the Gateway.
 |