Not been able to find any clear documentation on this, does anyone know if this can be solved somehow, if I am missing something? It would rather not hardcode IP addresses in the security group as we are setting up this using CloudFormation. ![]() While this is working: ContainerSecurityGroup: A next-generation firewall (NGFW) is a firewall with advanced features, while firewall-as-a-service (FWaaS) is a cloud-delivered firewall for protecting. SourceSecurityGroupId: !Ref ALBSecurityGroup Firewall VM-Series virtualized NGFW CN-Series containerized NGFW Cloud NGFW AIOps for NGFW PAN-OS Panorama Cloud Delivered Security Services Advanced. ![]() GroupDescription: "Security group for containers" So this is not working: ContainerSecurityGroup: ![]() See image below:įor some reason we are not able to get this to work when we allow traffic from the security group of the ALB into the security group of the ECS containers. We are trying to get traffic from the internet to hit our ALB, get decrypted and then sent through the Palo Alto Cloud NGFW and finally reach our containers. A next-generation firewall (NGFW) is a security appliance that processes network traffic and applies rules to block potentially dangerous traffic.
0 Comments
Leave a Reply. |