Posted On: Mar 30, 2023

AWS Network Firewall now supports Transport Layer Security (TLS) inspection for ingress VPC traffic. This new feature enables customers to decrypt, inspect, and re-encrypt TLS traffic without having to deploy and manage any additional network security infrastructure. 

AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. Starting today, you can use AWS Network Firewall to decrypt TLS sessions and inspect inbound VPC traffic originating from the internet, another VPC, or another subnet. Encryption and decryption happen natively on the same firewall instance, so decrypted traffic doesn’t cross any network boundaries.

Ingress TLS inspection on AWS Network Firewall is available in the Asia Pacific (Sydney) Region and Europe (Ireland) Region.

You can enable TLS inspection from the Amazon VPC Console or the Network Firewall API. To learn more about the TLS inspection feature and pricing, please see the AWS Network Firewall product page and service documentation.
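As an added illustration that is not part of this announcement, the document below is the shape of a TLS inspection configuration for ingress traffic as passed to the Network Firewall API (for example with `aws network-firewall create-tls-inspection-configuration --tls-inspection-configuration-name ingress-tls --tls-inspection-configuration file://tls-inspection.json`, after which the configuration's ARN is referenced from a firewall policy). The certificate ARN, account ID, and the 10.0.0.0/24 destination subnet are placeholders chosen for the example, not values from the page.

```json
{
  "ServerCertificateConfigurations": [
    {
      "ServerCertificates": [
        {
          "ResourceArn": "arn:aws:acm:eu-west-1:111122223333:certificate/PLACEHOLDER-CERT-ID"
        }
      ],
      "Scopes": [
        {
          "Sources": [
            { "AddressDefinition": "0.0.0.0/0" }
          ],
          "Destinations": [
            { "AddressDefinition": "10.0.0.0/24" }
          ],
          "SourcePorts": [
            { "FromPort": 0, "ToPort": 65535 }
          ],
          "DestinationPorts": [
            { "FromPort": 443, "ToPort": 443 }
          ],
          "Protocols": [6]
        }
      ]
    }
  ]
}
```

For ingress inspection the firewall presents the server's own certificate (imported into or issued by AWS Certificate Manager in the firewall's Region) to the client, so the certificate must match the hostname clients connect to, and its private key now lives within the firewall's trust boundary. Keep the scope as narrow as the design allows: restricting `Destinations` to the subnet or addresses that actually terminate TLS for that certificate, and `DestinationPorts` to 443, limits which flows are decrypted and which rule groups see plaintext.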