Skip to main content

AWS Network Firewall

AWS Network Firewall

Deploy advanced network firewall security across your VPCs

Get started with Network Firewall

Why AWS Network Firewall?

AWS Network Firewall helps you protect your Amazon VPCs with automated, intelligence-driven network security. Create granular rules to control traffic and automatically block active threats using AWS managed rules powered by Amazon threat intelligence. Deploy AWS Network Firewall across your VPCs for consistent protection through features like geographic IP filtering, deep packet inspection, and advanced intrusion prevention capabilities. AWS Network Firewall scales automatically to help defend your workloads while reducing operational overhead.

Benefits

Automatically scale your AWS Network Firewall to protect your managed infrastructure

Defend against active threats using AWS-managed rules powered by Amazon threat intelligence, with support for geographic IP filtering, and use the automated domain lists capability to analyze logs and create rules based on actual network traffic patterns

Centrally manage security policies and multiple VPC endpoints across accounts and gain centralized inspection with AWS Transit Gateway integration for simplified deployment and consistent policy enforcement

Use cases

Cloud perimeter security & access control

AWS Network Firewall enables enterprise-grade perimeter defense by filtering incoming traffic at VPC boundaries using integrated intrusion detection/prevention systems and geographic IP filtering. Deploy stateful inspection and inline TLS inspection for both ingress and egress traffic to decrypt, monitor, and protect encrypted network flows. Create custom security rules to block malicious traffic patterns and restrict access from unauthorized regions. Seamlessly integrate with AWS security services for comprehensive inbound and outbound traffic protection.

Learn more

Network traffic protection & monitoring

AWS Network Firewall provides comprehensive VPC network protection through domain filtering, deep packet inspection, and geographic-based access controls for outbound traffic. Deploy advanced security features including protocol-based blocking and HTTP/HTTPS traffic inspection to secure your cloud workloads.

Learn more

Active threat detection & blocking

AWS Network Firewall with active threat defense automatically safeguards your cloud environment against emerging security threats using Amazon global threat intelligence. Detect and block active threats throughout the attack lifecycle with automated security responses and continuous protection updates.

Learn more

VPC-to-VPC traffic security & inspection

AWS Network Firewall secures East-West traffic through stateful inspection and advanced intrusion prevention, monitoring inter-VPC communications for threats using signature-based detection. Integration with AWS Transit Gateway enables you to implement consistent security policies across your VPCs and Availability Zones, helping you protect workloads and data throughout your AWS infrastructure with centralized management.

Learn more

Learn how Rapid7 strengthens network security using Network Firewall