BT

Amazon Launches a New Cloud Security Service: AWS Firewall Manager

| by Steef-Jan Wiggers Follow 7 Followers on Apr 27, 2018. Estimated reading time: 2 minutes |

Amazon has launched a new service called AWS Firewall Manager, providing AWS customers a way to configure AWS Web Application Firewall (WAF) rules across multiple accounts centrally. The AWS Firewall Manager is a part of Amazon’s recent launch of several services for security and compliance.

Amazon made this service available responding to customer demand. Jeff Barr, chief evangelist AWS, stated in a blog post on the launch of Firewall Manager:

Over the last couple of years, we have provided our customers with an increasingly broad set of options for protection including AWS WAF and AWS Shield. Our customers are making great use of all of these options, and have asked for the ability to manage them from a single, central location.

With Firewall Manager, AWS customers will have access to a single service to create firewall protection policies and enforce them consistently across their Application Load Balancer (ALB) and Amazon CloudFront infrastructure. Furthermore, this security service enables users to apply custom WAF rules and Managed Rules for WAF available in the AWS Marketplace through various vendors like Imperva, F5, and Trend Micro. 

To be able to use AWS Firewall Manager customers must satisfy a few prerequisites:

  • Their organization must use AWS Organizations to manage their accounts, and all features must be enabled. 
  • One of the accounts in the organization needs to be designated administrator account for the Firewall manager to be able to deploy WS WAF rules organization-wide.
  • Enable the AWS Config for all the accounts in their organization so that Firewall Manager can detect any newly created resources.

Once prerequisites are satisfied, the designated administrator can create policies. A console will guide the administrator through the process of policy creation. The process includes creating rules and a rule group, defining a policy with the rule group, defining the scope of the policy, and then creating the actual policy. 


Image source: https://aws.amazon.com/blogs/aws/aws-firewall-manager-central-management-for-your-web-application-portfolio/

With rolling out policies, organization can reap the benefits from a central AWS Firewall manager. For instance, all resources and accounts can comply with a mandatory set of policies. Barr stated in the same blog post:

With automated policy enforcement across accounts & applications, your security team can be confident that new and existing applications comply with organization-wide security policies when they use Firewall Manager. They can find applications and AWS resources that don’t measure up and bring them into compliance in minutes.

Customers using AWS Shield Advanced will have access to AWS Firewall Manager and AWS WAF at no extra charge. Otherwise, customers are charged a monthly fee for each policy in each region, along with the usual charges for WAF Web ACLs, WAF Rules, and AWS Config Rules. For more details on pricing for AWS Firewall manager see the pricing page. The service is currently available in US East (Northern Virginia), US West (Oregon), and globally at all Amazon CloudFront edge locations. Further detail of the AWS Firewall Manager is available on the AWS Website.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT