AWS Network Firewall enhances console, monitoring, and security features

Posted on: Sep 17, 2025

AWS Network Firewall now offers enhancements to its console, monitoring dashboard, and security controls, including expanded monitoring insights and advanced TLS Inspection features. These updates give customers greater visibility into their firewall's performance and stronger security measures for outbound connections.

The monitoring dashboard now provides deeper insights into traffic going to AWS services such as Amazon S3, Amazon DynamoDB, and AWS Backup, which can be sent over PrivateLink endpoints. The dashboard also gives visibility into top source and destination IP addresses based on packets and bytes processed. Customers can filter the dashboard based on IP addresses and protocol, enabling more targeted analysis of network traffic patterns.

To further strengthen security, AWS Network Firewall has introduced session holding for TLS Inspection. This feature prevents any TCP and TLS establishment packets from reaching destination servers until TLS protocol rules matching on Server Name Indication (SNI) have been evaluated. This enhancement provides stronger security controls for outbound traffic and helps protect against connections to potentially malicious targets. These new features are available in all AWS Regions where AWS Network Firewall is offered.

To learn more about these new features and other AWS Network Firewall capabilities, visit the AWS Network Firewall product page and the service documentation.