AWS Network Firewall Partners are AWS Partners who have integrated with AWS Network Firewall across key security categories including, Security Orchestration Automation and Response (SOAR), Governance, Policy Management, Security Information and Event Management (SIEM), Security Monitoring, Threat Intelligence, Managed Detection and Response (MDR), and Consulting and Professional services.
AWS Partner solutions complement AWS Network Firewall, enabling you to deploy a comprehensive security architecture and a more seamless experience across AWS and your on-premises environment.
Alert Logic's Managed Detection and Response (MDR) delivers expert-enabled SaaS security to reduce the likelihood and impact of a successful cybersecurity event. When leveraged with AWS Network Firewall, Alert Logic MDR customers can benefit from web application threat detection coverage through a curated set of Alert Logic threat intel-developed signatures. As AWS Network Firewall discovers web attacks, they are analyzed and correlated with other sources. When combined with Alert Logic’s log, endpoint, and network telemetry, the integration provides additional coverage, extending the web application threat detection solution.
Check Point CloudGuard provides enhanced posture management, intelligence, and control for AWS customers using AWS Network Firewall to control VPC traffic. CloudGuard analyzes AWS Network Firewall rules to determine posture and misconfigurations while identifying non-compliance with customer chosen rulesets. With CloudGuard, customers can use simple GSL rules to centralize intelligence of their AWS Network Firewall controls, together with all of their cloud assets—proactively identifying and remediating issues, at the same time preventing threats across their entire AWS account. CloudGuard’s pre-packaged compliance rulesets including PCI-DSS, HIPAA, and NIST, further empower customers to ensure AWS Network Firewall policies meet stringent compliance regulations and industry best practices.
Defense in depth against sophisticated threats requires network layer protection to work in conjunction with cloud workload protection controls. CrowdStrike integration with AWS Network Firewall offers customers the ability to export domain-based indicators of compromise (IOCs) identified by the CrowdStrike Falcon® platform on the host level to block network activity arising from malicious domains and domain-based exploitation techniques. This integration allows customers to accelerate their incident response by quickly blocking access to known malicious domains across their AWS footprint. Customers can also proactively threat hunt for suspicious activity based on industry vertical, threat actor or TTPs across their Falcon-managed hosts and networks.
With Datadog’s AWS Network Firewall integration, customers can detect unexpected changes in network traffic, identify malicious connection attempts, and quickly resolve security and operational issues. Datadog collects AWS Network Firewall metrics and logs, applies relevant tags, and provides an out-of-the-box dashboard to get started quickly. Customers can also visualize this data alongside other infrastructure metrics and logs to analyze the flow of network traffic across an entire system. With Datadog Security Monitoring, customers can rapidly create rules to detect and alert on malicious connection attempts.
This integration brings AWS Network Firewall together with the FireEye Helix cloud-hosted security operations platform to provide enhanced network security, threat visibility, and threat hunting into a customer’s AWS environment. Customers of FireEye Helix and AWS Network Firewall gain visibility in mere minutes by ingesting metadata from AWS traffic flows. This data is enriched with threat intelligence, evaluated with behavior analysis and machine learning to prioritize those alerts that are most actionable. This allows customers to take control of any incident from alert to fix and prioritizes all threats happening across their ecosystem.
Leverage the power of Fortinet Managed IPS Rules for AWS Network Firewall, based on the latest threat information from FortiGuard Labs. FortiGuard Labs is the threat intelligence and research organization at Fortinet. Its global team of threat hunters, researchers, analysts, engineers, and data scientists use advanced artificial intelligence (AI) tools to ingest over 200 different information feeds and over 100 billion security events every day to generate the actionable intelligence you need to face an ever-evolving threat landscape. Using AWS Network Firewall with Fortinet Managed IPS rules powered by FortiGuard Labs, customers can filter malicious traffic at the perimeter of their VPC with just a few clicks.
HashiCorp Terraform is an infrastructure as code automation tool providing a consistent CLI workflow to provision and manage over 600 AWS resources. HashiCorp Terraform provides a declarative language for defining network protections for VPCs with AWS Network Firewall. With HashiCorp Terraform customers can collaborate with others on their team to define firewall rules for fine-grained control over their network. Within customers' configuration, they can also leverage AWS Firewall manager to build policies and use AWS Network Firewall to apply those policies across VPCs.
IBM Security QRadar
IBM Security supports AWS Network Firewall and a broad set of AWS services with both security information and event management (SIEM) and managed services offerings. IBM Security QRadar provides comprehensive visibility and insights into the most critical threats across AWS environments, integrating directly with the suite of AWS security services. For customers who have enabled AWS Network Firewall, a leading SIEM and security analytics platform enables security teams to easily visualize, filter and prioritize offenses across users, networks, and endpoints. By leveraging the extensive integrations between AWS services and QRadar, organizations can accelerate their migration to AWS while maintaining visibility and control across the threat landscape.
Rackspace Technology is an AWS Network Firewall partner providing professional services and managed security services on top of native AWS security services for security for security engineering, 24x7x365 monitoring, advanced analysis, and threat remediation by certified security experts in the global Rackspace Security Operations Center (SOC). By leveraging services like AWS Network Firewall and AWS Security Hub, Rackspace Technology works with customers to design, implement, and manage cloud native security solutions, enabling them to achieve their security goals and protect their AWS environment.
Splunk helps customers drive outcomes across security, IT, and DevOps with the data platform built for the cloud. As an AWS Network Firewall partner, Splunk provides customers with a mechanism to quickly adopt to monitor, secure, and control AWS workloads. By ingesting AWS Network Firewall alerts and logs into Splunk and Splunk Enterprise Security, customers can implement sophisticated security practices while maintaining a complete view of their security posture with Splunk and Splunk Enterprise Security.
Sumo Logic’s Cloud SIEM solution provides security professionals real-time visibility into network traffic and automated correlation of threats surfaced by AWS Network Firewall. This reduces the time to detect, investigate, and remediate security issues. Sumo Logic performs automated threat detection, analysis, and correlation using threat intelligence, historical searches, and out-of-the-box security rules for AWS services–including AWS Network Firewall–and any hybrid cloud sources. By correlating security alerts from AWS Network Firewall, other AWS services, and all customer security tools, Sumo Logic provides granular visibility for investigating threats along with context that’s automatically enriched from user, device, and network activity.
Trend Micro Cloud One™ simplifies security on AWS by providing an automated, flexible, and all-in-one security services platform for cloud builders. By seamlessly integrating industry-leading IPS intelligence into AWS Network Firewall at no cost, Trend Micro Cloud One™ enables customers to block malware and restrict access to known malicious URLs. The integration of these powerful IPS rules provides a simple, scalable, and important cloud security service with reliable protection that does not require any infrastructure management for customers.
Tufin SecureCloud integrates with AWS Network Firewall allowing customers to gain visibility into their cloud security posture and establish security guardrails. Visibility of the cloud security policies allows achieving continuous compliance without compromising the business benefits of cloud computing. AWS Network Firewall’s flexible rules engine ensures a granular control over the network traffic and Tufin SecureCloud complements it by providing comprehensive impact analysis of the rule changes while maintaining the compliance posture throughout the lifecycle of the rules.
Accenture AWS Business Group and Accenture Security has experience with strategy, design, and implementation of Centralized Network environments in AWS that integrate network security by leveraging firewall tooling. Using Accenture's Central Network serverless deployment framework, Accenture can help customers build an automated, centralized, and scalable solution for managing AWS network resources and AWS Network Firewall rules to enable fine-grained control over network traffic in AWS.
IBM Security Services
IBM Security supports AWS Network Firewall and a broad set of AWS services with both security information and event management (SIEM) and managed services offerings. IBM Security Services can help transform customers' business and manage risk. IBM Security Services can help simplify and secure the customer adoption and management of native cloud security controls. For customers who have enabled AWS Network Firewall, IBM Security Services delivers core management and troubleshooting of customers' security controls and policies from a team with both cloud and security expertise. IBM Security Services also empowers customers to gain confidence and improve their network security maturity through relevant reporting, insights, and recommendations, allowing them to ensure proper coverage, reduce risks, and understand potential threats.
Interested in Becoming an AWS Partner?
The AWS Partner Network (APN) is the global community of Partners who leverage AWS to build solutions and services for customers.
AWS Consulting Partners who join the AWS Service Delivery program benefit from increased visibility to AWS customers and AWS teams, better connections, and deeper learning.