Amazon Web Services (AWS) has announced the general availability of AWS Network Firewall.
The managed security service has been created in order to give customers improved visibility into their AWS setups and architecture, as well as to bolster network security.
AWS’ system can be enabled in Amazon Virtual Private Cloud (VPC) environments via the AWS console, and will automatically add a layer of network protection across AWS workloads and servers. In addition, AWS Network Firewall will scale up based on network traffic rates.
The solution’s rules engine can be customized or imported from AWS Partner Network (APN) providers such as CrowdStrike, Fortinet, and Trend Micro, among others. Snort and Suricata rules can also be implemented.
According to Steve Schmidt, chief information security officer at AWS, the solution was built with customer feedback in mind: clients said they wanted a cloud network firewall and network protections that “work with their existing security systems and without the headache of managing the underlying infrastructure.”
AWS already provides Web Application Firewall (WAF); AWS Shield, designed to stop Distributed Denial-of-Service (DDoS) attacks; AWS Security Groups, for the protection of Amazon Elastic Compute Cloud (EC2) instances; and AWS Firewall Manager, a console to monitor firewall controls across AWS setups.
Amazon says that while existing offerings do address specific firewall security needs, Network Firewall will provide a blanket network security layer across all workloads. The system is able to monitor domain-based access controls, identify malicious traffic and implement web filtering, and inspect traffic packets from the network layer to the application layer.
AWS Network Firewall is now available in the US East, West, and European regions, with more regional deployments coming “soon.”
Amazon’s security solution is paid for based on hours deployed and gigabytes of data processed.
“AWS Network Firewall provides scalable network protections that allow customers to deploy highly customizable rules for their entire AWS infrastructure, and integrates with many of the APN partner services that customers already use,” Schmidt commented. “Best of all, there’s no need to configure or maintain additional infrastructure.”