Cloud Firewall Service Insertion Design – Ingress Traffic

Following are two popular design choice

The topology shows the Palo Alto VM-Series as example but exact design works with Check Point, FortiNet and other firewalls as well.

Centralized VPC Sandwich LB Design

Dedicated Ingress VPC Design

Topology Credit: Rodrigo Loureiro