
Centralized UTM with VPN for different AWS accounts in different regions

Hi All-

 

I am Abhilash, working as a DevOps engineer. I would like to get the best recommendations for the following things.

 

Agenda:-

To securely access AWS instances in different AWS regions using Sophos UTM/VPN.

We have 100+ AWS instances in different regions (US, EU, APAC), and all of them are in different VPCs (including all environments such as PROD, STAGE, QA, DEV, etc.). To administer them easily, we are planning to implement a centralised VPN using Sophos UTM. All Sophos AWS instances should be in the same CIDR range. For example: [US-West Sophos instance would be 172.16.1.5/32 and EU-Central 172.16.1.10/32]

Presently I have deployed Sophos UTM using the cold-standby method.

1) What kind of VPN (Site2site, SSL, etc.) is recommended to communicate with each other without any issues? Please advise on the pros and cons of the recommended one.

2) Is it possible to send UTM logs to an ELK stack? If so, please guide me or provide official instructions.

3) How is it possible to enable MFA for all required VPN accounts? Can we configure centralised user login for VPN?

4) As we have a cold-standby stack, will we face any impact or downtime when the failover happens? If so, what's the expected timeframe to switch to the new instance?

Please provide if any past diss

I would appreciate it if anyone can help with my questions.

 

Regards,

Abhilash S V



This thread was automatically locked due to age.
  • Hi, Abhilash, and welcome to the UTM Community!

    If this is a pre-sales situation, contact Sophos Sales so that you can interact with a Sophos Pre-Sales Engineer.

    One of our unwritten rules here is "one topic/question per thread."  This is to make it easier for people to find an answer without asking an old question that was already answered.  In this case, you've asked questions that should be asked separately in three different forums and certainly not in the UTM Manager forum, so it's no surprise that no one's helped you yet.

    Ask #1 and #3 in separate, appropriately-titled threads in the VPN forum. #2 in the Management forum and #4 in the UTM AWS forum.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA