Move signals Amazon’s expansion into the cybersecurity sector.
AWS this week expanded its presence in the cybersecurity market with the introduction of AWS Network Firewall. The new product is a high availability, managed network firewall service for virtual private clouds (VPC).
In a blog post, Channy Yun, AWS’ principal developer advocate, explained the advantages of the new offering. “It enables you to easily deploy and manage stateful inspection, intrusion prevention and detection, and web filtering to protect your virtual networks on AWS.”
Network Firewall automatically scales with traffic, ensuring high availability with no additional customer investment in security infrastructure, he added.
With AWS Network Firewall, customers can implement customized rules to prevent their VPCs from accessing unauthorized domains, according to Yun. They can also use the solution to block thousands of known-bad IP addresses, or identify malicious activity using signature-based detection.
AWS Network Firewall makes firewall activity visible in real-time via CloudWatch metrics. This offers increased visibility of network traffic by sending logs to S3, CloudWatch and Kinesis Firehose.
The product is integrated with AWS Firewall Manager. This gives customers who use AWS Organizations a single place to enable and monitor firewall activity across all your VPCs and AWS accounts.
AWS Network Firewall is interoperable with a customer’s existing security ecosystem. That could include AWS partners such as CrowdStrike, Palo Alto Networks, and Splunk. Users can also import existing rules from community maintained Suricata rulesets.
How it works
AWS customers can use a firewall on a per-Availability Zone basis in their VPC. For each Availability Zone, they choose a subnet to host the firewall endpoint that filters traffic. The firewall endpoint in an Availability Zone can protect all of the subnets inside the zone except for the one where it’s located.
Admins can create or add new stateless or stateful rule groups. Also zero or more collections of firewall rules with priority settings that define their processing order within the policy. A stateless default action defines how Network Firewall handles a packet that doesn’t match any of the stateless rule groups.
As of the launch date, AWS Network Firewall integrates with a collection of AWS partners. These include IBM Corp., threat detect provider Alert Logic Inc., Splunk Inc. and others.
AWS Network Firewall is now available in US East (N. Virginia), US West (Oregon), and Europe (Ireland) Regions.
Tip: AWS emphasises the importance of a Well Architected Framework