Topics on this page

Deployment recommendations

Follow these recommendations when deploying Network Security in your environment.

  • Print the deployment checklist for the deployment option that you choose, and write the addresses and IDs of the network components in your environment as you work through the deployment.
  • Name each network component as you create them.
  • To easily navigate the AWS Management Console search for the different Services. For example, to navigate to the VPC Dashboard, search for VPC in the Services search bar.
  • Make sure that no new subnets you create contain an IP address that is already in use. Learn more about IP addressing in your VPC.
  • Network Security requires high CPU usage (85% or more). Disable any auto scaling alarms set for excess CPU utilization for your Network Security instances.
  • Create and maintain the Transit Gateway and Network Security instances in a separate infrastructure AWS account. Create Transit Gateway attachments across your other AWS accounts that need access to other resources.
  • Ensure you have permissions to access and modify the following areas of AWS before you begin deployment.
    • EC2
    • IAM
    • VPC
    • CloudWatch
    • Lambda