Posted On: Nov 18, 2020
AWS Firewall Manager now supports AWS Network Firewall, making it easy for security administrators to centrally configure and deploy Network Firewall rules across their organization. AWS recently launched AWS Network Firewall, a highly available, managed firewall service that gives customers enhanced control and visibility of all traffic leaving and entering their network. With Firewall Manager support, customers can centrally manage the deployment of Network Firewall rules across accounts, organizational units (OUs), and Amazon virtual private clouds (VPCs) in their organization.
To get started, customers can configure a Firewall Manager security policy from their Firewall Manager dedicated security administrator account. The security policy should specify one or more sets of Network Firewall rules along with the accounts, OUs, and VPCs in which the rules should be deployed. Once configured, Firewall Manager will automatically create a Network Firewall with the sets of rules, deploying an endpoint in a dedicated subnet for every availability zone containing public subnets, in the accounts and VPCs you specify. At the same time, any changes to the centrally configured set of rules are automatically updated downstream on the deployed Network Firewalls. This enables security administrators to consistently enforce centrally mandated Network Firewall rules across their organization, even as new accounts and VPCs are created in the organization. Firewall Manager also reports non-compliant events, including any VPCs and accounts that are missing a Network Firewall.
AWS Firewall Manager is a security management service that allows customers to centrally configure and manage firewall rules across their accounts and resources in AWS Organizations. With this launch, customers can now centrally deploy and manage AWS WAF rules, AWS Shield Advanced protections, VPC security groups, and AWS Network Firewall rules across their entire AWS Organization.