Design And Build IPv6 Internet Inspection Architectures On AWS
AWS, Tuesday, June 3rd, 2025
As organizations increasingly adopt IPv6 to address public IPv4 exhaustion, private IPv4 scarcity (especially in large-scale networks), and the need to support IPv6-only clients, securing both IPv4 and IPv6 traffic becomes critical.
We can apply consistent traffic inspection for inbound and outbound flows in Amazon Virtual Private Clouds (Amazon VPCs) to maintain security. In this post, we explore best practices and reference architectures for implementing internet egress inspection for IPv6 traffic in Amazon VPCs. These architectures use Amazon Web Services (AWS) Network Firewall and AWS Gateway Load Balancer (GWLB) with third-party firewall appliances.