Posted On: Dec 9, 2021
AWS Network Firewall now supports AWS Managed Rules, which are groups of rules based on threat intelligence data, to enable you to stay up to date on the latest security threats without writing and maintaining your own rules.
AWS Network Firewall features a flexible rules engine enabling you to define firewall rules that give you fine-grained control over network traffic. Starting today, you can enable managed domain list rules to block HTTP/HTTPS traffic to domains identified as low-reputation or that are known or suspected to be associated with malware or botnets. You can select one or more rule groups to use in your AWS Network Firewall policies. For stateful rules, you can choose to block all requests that match managed domain list rules or use the alert action to see which requests match the rules. Each set of managed rule groups counts as a single rule group toward the maximum number of stateful rule groups per firewall policy.
There is no additional charge for using AWS managed rules for domain lists. You can access the new Managed Rules for AWS Network Firewall using the Amazon VPC Console or the Network Firewall API. This feature is available in all commercial AWS Regions except the AWS GovCloud (US) Regions. AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. The service automatically scales with network traffic volume to provide high-availability protections without the need to set up or maintain the underlying infrastructure. AWS Network Firewall is integrated with AWS Firewall Manager to provide you with central visibility and control of your firewall policies across multiple AWS accounts. To get started with AWS Network Firewall, please see the AWS Network Firewall product page and service documentation.