Domain 1.1: Network Connectivity — AWS SAP-C02 Practice Question 02

How to approach this question

Look for the service designed specifically for transparent inline inspection using third-party appliances.

Full Answer

B.Deploy Gateway Load Balancers (GWLB) with the firewall appliances in a centralized inspection VPC in each region. Route traffic from TGW to the GWLB endpoints.✓ Correct

Deploy Gateway Load Balancers (GWLB) with the firewall appliances in a centralized inspection VPC in each region. Route traffic from TGW to the GWLB endpoints.

Gateway Load Balancer (GWLB) is designed to deploy, scale, and manage third-party virtual appliances transparently.

Common mistakes

Choosing Network Load Balancer, which requires complex NAT configurations for inline inspection.

An organization has 50 VPCs across two AWS Regions connected via Transit Gateways (TGW). The TGWs are peered. The security team mandates that all inter-VPC traffic must be inspected by a centralized fleet of third-party firewall appliances. How should the architect design this network?

How to approach this question

Full Answer

Common mistakes

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 6

More questions from this exam