two firewalls behind an NLB.
what approach would you take to spin up additional firewalls if a certain threshold is hit (what threshold would you trigger on)?
i've looked at the templates provided by palo alto but this would be adding additional firewalls in already established VPCs.
also use panorama
Solved! Go to Solution.
That would vary based on your environment and the type of traffic you inspect. You may want to look at a sample size of your data to find the value better suited for your app mix. For example, if you have high session count traffic then you may want to trigger based on session utilization table. If you have traffic that depleted dataplane cpu then you may want to look at the processor utilization. It all depends on the type of traffic you have. Our Auto Scale templates support this and you can set your ASG to have 2 FW by default. But if manually scale is what you want you will have to manually monitor this or write a script to check either metric.
Also, for AWS auto scale 2.1, it supports deployment into an existing application environment.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!