Posted On: Dec 19, 2023
Egress Transport Layer Security (TLS) inspection for AWS Network Firewall is now available in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions. This launch allows you to use AWS Network Firewall to decrypt TLS sessions and inspect inbound and outbound VPC traffic without the need to deploy or manage any additional network security infrastructure. Encryption and decryption happen on the same firewall instance natively, so traffic doesn’t cross any network boundaries.
AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. With this new TLS inspection feature, you gain more granular control and visibility over inbound and outbound network traffic flows. By decrypting and inspecting network traffic, you can enforce policies to safeguard your data, maintain regulatory compliance, and improve your security posture on AWS.
You can enable TLS inspection from the Amazon VPC Console or the Network Firewall API. To learn more about the TLS inspection feature and pricing, please see the AWS Network Firewall product page and service documentation.