AWS provides comprehensive protections to help customers secure their networks, such as AWS Web Application Firewall (WAF) to protect internet-facing web applications, AWS Shield to safeguard against Distributed Denial of Service (DDoS) attacks, and AWS Firewall Manager which provides central management and visibility across all firewall controls on AWS. While these and other protections combine to provide highly secure and flexible layers of defense, many customers also want a simple way to apply and manage blanket network protections across all of their workloads (e.g., domain-based access controls, monitoring to identify malicious traffic patterns, and unified traffic inspection spanning from the network layer to the application layer). Customers also want to customize these protections based on their organization’s specific security needs, import rules from other trusted providers that they already use, and easily integrate collected logs and network data into their existing security workflows. Customers are seeking easy-to-use and customizable network protections, without having to manually patch and maintain servers, handle failover, and provision capacity.
With AWS Network Firewall, customers can easily deploy granular network protections across their entire AWS environment, without the need to configure and manage additional security infrastructure. AWS Network Firewall provides essential protections against common network threats, including dynamic packet filtering, intrusion prevention and detection, and web filtering. Customers can also implement customized Snort and Suricata rules (two widely used open source formats) to further tailor protections like preventing their VPCs from accessing unauthorized domains, blocking thousands of known bad IP addresses, or defending against common exploits by identifying patterns and behaviors associated with known threats. Customers can monitor firewall activity in real time via Amazon CloudWatch metrics, and can have AWS Network Firewall automatically send network traffic logs to Amazon Simple Storage Service (S3), Amazon Cloudwatch, and Amazon Kinesis Data Firehose for additional visibility and auditing purposes.
“When we talk to customers about what they want in a cloud network firewall they tell us that they want network protections that work with their existing security systems and without the headache of managing the underlying infrastructure,” said
AWS Network Firewall integrates with AWS Firewall Manager, allowing customers to build policies based on AWS Network Firewall rules and centrally apply those policies across their VPCs and accounts through the AWS Firewall Manager Console and API. Leading providers, including Accenture, Alert Logic, Check Point Software Technologies, CrowdStrike, Datadog, Fortinet,
For more than 125 years,
Fortinet secures the largest enterprise, service provider, and government organizations around the world. “Fortinet’s work with cloud customers of all shapes and sizes gives us broad visibility into the most critical components of network security in the cloud,” said
Rackspace Technology is a leading end-to-end multicloud technology services company. “At Rackspace we have a long history of supporting small and midsize businesses in their journey to the cloud, and one of the most common challenges these customers face is finding a simple and accessible way to secure their network and web applications,” said