Palo Alto Networks introduces Cloud Next-Generation Firewall Service for AWS (NGFW). You pay, pick an AWS cloud environment and set a policy. Palo Alto takes care of firewall deployment and management.

Cloud NGFW is a managed firewall service for private clouds in AWS. In practice, customers specify the cloud environment they want to secure, choose a security policy, and are good to go.

Palo Alto deploys its firewalls within applications, also known as Layer 7. Inbound and outbound traffic is secured per application. The service is available through the AWS Marketplace for any virtual private cloud (VPC) in AWS.

Firewall security

The firewalls are equipped with Advanced URL Filtering, Threat Prevention and APP-ID.

Advanced URL Filtering uses deep learning to intercept unknown threats (zero-day). Threat Prevention blocks advanced threats on every port. App-ID provides insight into application connections, behaviour and risks.

Cloud NGFW pay-as-you-go.

Cloud NGFW uses AWS Gateway Load Balancer. The gateway has numerous uses; most importantly, it keeps track of the amount of traffic that needs to be processed. If you’re short on capacity, the service automatically scales up — and vice versa.

Additionally, Cloud NGFW integrates with AWS Firewall Manager, an existing solution for policy management of firewalls across multiple AWS accounts and VPCs.

Tip: Palo Alto Prisma SASE is now suitable for MSPs