AWS Network Firewall introduces Geographic IP Filtering to inspect traffic based on geographic location
AWS Network Firewall now supports Geographic IP filtering on ingress and egress Amazon Virtual Private Cloud (VPC) traffic. This new feature makes it easy for customers to block traffic coming from or going to specific countries and meet compliance requirements. Previously, maintaining compliance with regulations was time-consuming because you had to maintain a list of IP addresses associated with specific countries and update your firewall rules regularly. Geographic IP Filtering saves time and reduces operational complexity by enabling you to filter traffic on Network Firewall using the country name.
AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. Geographic IP Filtering allows you to enforce your AWS Network Firewall rules and policies consistently across your entire network, making it easier to meet business or regulatory compliance requirements and improve your network security posture.
Geographic IP Filtering is supported in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions. For more information about the AWS Regions where AWS Network Firewall is available, see the AWS Region table.
There is no additional cost to enable Geographic IP Filtering on AWS Network Firewall. You can configure Geographic IP Filtering using the AWS Management Console, AWS CLI, AWS SDK, or the AWS Network Firewall API. To learn more about configuring Geographic IP Filtering, please refer to the service documentation.
9-23-2024: This post has been updated to replace all references to "GeoIP" with "Geographic IP."