Posted On: Jul 29, 2022

AWS Network Firewall supports AWS Managed Threat Signatures to detect threats and block attacks against known vulnerabilities so you can stay up to date on the latest security threats without writing and maintaining your own rules. Starting today, you can enable AWS managed rules to protect against coin mining malware, credential phishing, and malware for mobile operating systems (OS). 

AWS Network Firewall’s flexible rules engine lets you define firewall rules that give you fine-grained control over network traffic. In addition to coin mining, phishing, and mobile OS managed rules, you can enable stateful managed rules for intrusion detection and prevention signatures that protect against threats such as botnets, scanners, web attacks, and emerging events. You have full visibility into managed threat signature rule content across 16 categories. You can select managed rule groups to add to your AWS Network Firewall policies, or you can copy and modify rule groups to meet your specific needs. AWS Network Firewall provides notifications of managed rule group updates through Amazon Simple Notification Service (SNS).

There is no additional charge for using AWS Managed Threat Signatures. You can access the new threat signature rules for AWS Network Firewall using the Amazon VPC Console or the Network Firewall API. This feature is available in all commercial AWS Regions where AWS Network Firewall is available and in the AWS GovCloud (US) Regions.

AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. The service automatically scales with network traffic volume to provide high-availability protections without the need to set up or maintain the underlying infrastructure. To get started with AWS Network Firewall, please see the AWS Network Firewall product page and service documentation.