Posted On: Apr 2, 2021
AWS Firewall Manager now enables security administrators to deploy the recently launched AWS WAF Bot Control across accounts in their organization, from a central administrator account. AWS WAF Bot Control is a new managed rule group that gives you visibility and control over common and pervasive bot traffic to your applications. You can use Bot Control to protect your web applications from automated bots that consume excess resources, skew metrics, cause downtime, or perform other malicious activities.
To get started, you can configure a Firewall Manager security policy for AWS WAF from your Firewall Manager dedicated security administrator account and select the AWS Managed Rule Group (AMR) identifying the AWS WAF Bot Control to include it in your security policy. From there, you can select the accounts, organizational units (OUs), and the resources where you want the rules to be applied, or excluded from. This enables security administrators to consistently enforce the Bot Control rules across their organization, even as new accounts and resources are created in the organization. With this release, you can also generate bot and bot-category labels for the Bot Control rule groups deployed by Firewall Manager for your accounts. The labels can then be used by individual accounts in your organization to allow or block traffic from specific bots.
AWS Firewall Manager is a security management service which allows customers to centrally configure and manage firewall rules across their accounts and resources in AWS Organization. Today, AWS Firewall Manager allows security administrators to configure firewall rules and protections for AWS WAF, AWS Shield Advanced, AWS Network Firewall, VPC security groups, and Amazon Route 53 Resolver DNS Firewall. To use Firewall Manager for AWS WAF, customers must onboard their accounts to AWS Organizations, enable AWS Config for all their accounts, and designate an account as the Firewall Manager administrator.