AWS Network Firewall example architectures with routing

This section provides a high-level view of simple architectures that you can configure with AWS Network Firewall and shows example route table configurations for each. For additional information and examples, see Deployment models for AWS Network Firewall.

Note

For information about managing route tables for your VPC, see Route tables in the Amazon Virtual Private Cloud User Guide.

Unsupported architectures

The following lists architectures and traffic types that Network Firewall doesn't support:

VPC peering.
Inspection of AWS Global Accelerator traffic.
Inspection of AmazonProvidedDNS traffic for Amazon EC2.

Topics

Simple single zone architecture with an internet gateway using AWS Network Firewall
Multi zone architecture with an internet gateway using AWS Network Firewall
Architecture with an internet gateway and a NAT gateway using AWS Network Firewall

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Avoiding asymmetric routing with AWS Network Firewall

Single zone internet gateway