Posted On: Dec 2, 2022
Starting today, AWS Firewall Manager enables you to centrally deploy and monitor FortiGate Cloud-Native Firewall (CNF) across all AWS virtual private clouds (VPCs) in your AWS organization. With this release, customers now have a single firewall management solution to deploy and manage both AWS native firewalls and FortiGate CNF firewalls.
You can use Firewall Manager to orchestrate the deployment of FortiGate CNF and get centralized visibility into non-compliant configurations across accounts in your organization. It can also handle the end-to-end setup of FortiGate CNF across accounts and VPCs. Firewall Manager ensures that FortiGate CNF firewalls are automatically and consistently added to new accounts and VPCs with no manual intervention, reducing the heavy lifting required to monitor new accounts and add firewall protections. You can deploy FortiGate CNF in a centralized or distributed deployment model. Under a centralized deployment model, Firewall Manager will apply the FortiGate CNF global policy set configuration on firewall endpoints in an inspection VPC for centralized traffic inspection. Under a distributed deployment model, Firewall Manager will deploy firewall endpoints in all in-scope VPCs for local inspection.
To use this feature, you need to onboard to Firewall Manager and assign a security administrator account to manage firewall deployment centrally. Then subscribe to the FortiGate Cloud-Native Firewall offering in the AWS Marketplace. Using the Firewall Manager console or API, you can configure a Firewall Manager security policy to specify the FortiGate CNF policy set, the AWS account(s), and the VPC(s) in which to provision your firewalls. Once configured, Firewall Manager will automatically provision FortiGate CNF and alert you to any changes to the firewalls that are inconsistent with your intended security posture.
To get started, see the AWS Firewall Manager documentation for more details and the AWS Region Table for the list of regions where AWS Firewall Manager is currently available. To learn more about AWS Firewall Manager, its features, and its pricing, visit the AWS Firewall Manager website.