Multicloud Defense East-West Gateways

An Egress/East-West gateway deployment implements East-West L4 segmentation between subnets or VPCs/VNets within a public cloud environment. The gateway operates in forwarding mode and applies L4 firewall rules that allow or deny traffic based on the configured parameters, with optional logging.

The diagram shows an example of an AWS account with an east-west gateway in a centralized mode:

Forward proxy/forwarding mode architecture. Multiple Spoke VPCs and a Data Center connect via a Transit Gateway to a central Security VPC where traffic is processed through Gateway Load Balancers and datapath instances and then routed to the Internet.