FortiWeb-VM HA provides two deployment options:
- Deployment into a new VPC (end-to-end deployment). This option builds a new AWS environment consisting of the VPC, subnets, FortiWeb-VMs, security groups, and other infrastructure components, and then deploys FortiWeb-VM HA into this new VPC.
- Deployment into an existing VPC. This option provisions FortiWeb-VM HA in your existing AWS infrastructure.
Incoming requests to the web servers in the private subnets will go through a connection that flows through the Internet gateway, network load balancer, and the FortiWeb-VM ASG before reaching the web server. The web server returns the response using the same connection.
Outgoing requests from the web servers go through the Internet gateway to the external network. The external network returns the response using the same path.
FortiWeb-VM HA provides separate CFTs for these options. It also allows you to configure CIDR blocks, instance types, and FortiWeb-VM settings.