AWS Network Firewall
Deploy advanced network firewall security across your VPCs
Why AWS Network Firewall?
AWS Network Firewall helps you protect your Amazon VPCs with automated, intelligence-driven network security. Create granular rules to control traffic and automatically block active threats using AWS managed rules powered by Amazon threat intelligence. Deploy AWS Network Firewall across your VPCs for consistent protection through features like geographic IP filtering, deep packet inspection, and advanced intrusion prevention capabilities. AWS Network Firewall scales automatically to help defend your workloads while reducing operational overhead.
Benefits
Automatically scale
Automatically scale your AWS Network Firewall to protect your managed infrastructure.
Protect workloads
Defend against active threats using AWS-managed rules powered by Amazon threat intelligence, with support for geographic IP filtering. Use the automated domain lists capability to analyze logs and create rules based on actual network traffic patterns.
Centrally manage
Centrally manage security policies and multiple VPC endpoints across accounts. Gain centralized inspection with AWS Transit Gateway integration for simplified deployment and consistent policy enforcement.
Use cases
Cloud perimeter security & access control
AWS Network Firewall enables enterprise-grade perimeter defense by filtering incoming traffic at VPC boundaries using integrated intrusion detection/prevention systems and geographic IP filtering. Deploy stateful inspection and inline TLS inspection for both ingress and egress traffic to decrypt, monitor, and protect encrypted network flows. Create custom security rules to block malicious traffic patterns and restrict access from unauthorized regions. Seamlessly integrate with AWS security services for comprehensive inbound and outbound traffic protection.
Network traffic protection & monitoring
AWS Network Firewall provides comprehensive VPC network protection through domain filtering, deep packet inspection, and geographic-based access controls for outbound traffic. Deploy advanced security features including protocol-based blocking and HTTP/HTTPS traffic inspection to secure your cloud workloads.
 
Active threat detection & blocking
AWS Network Firewall with active threat defense automatically safeguards your cloud environment against emerging security threats using Amazon global threat intelligence. Detect and block active threats throughout the attack lifecycle with automated security responses and continuous protection updates.
 
VPC-to-VPC traffic security & inspection
AWS Network Firewall secures East-West traffic through stateful inspection and advanced intrusion prevention, monitoring inter-VPC communications for threats using signature-based detection. Integration with AWS Transit Gateway enables you to implement consistent security policies across your VPCs and Availability Zones, helping you protect workloads and data throughout your AWS infrastructure with centralized management.
Case studies
Learn how Rapid7 strengthens network security using Network Firewall