For specified virtual private cloud (VPC) environments, the AWS Network Firewall can easily be enabled from the AWS Console, and the company says there are no additional user fees; customers pay for the service based on hours deployed and gigabytes processed. The service enables users to import existing rules, including Fortinet, CrowdStrike, Trend Micro and Alert Logic, from AWS security partners. Check Point, Accenture, Rackspace, Splunk, SumoLogic, Tufin, IBM and Palo Alto Networks are other businesses that have created integrations with the new service. Customers can configure the service to automatically send data for more visibility and auditing purposes to S3, Cloudwatch and Kinesis Data Firehose. AWS noted that, without the need to manage additional infrastructure, the Network Firewall service enables customers to deploy granular network protection. Protections include dynamic filtering of packets, web filtering, as well as prevention and detection of intrusion. AWS Network Firewall is currently available in the regions of the US East (N. Virginia), US West (Oregon), and Europe (Dublin), but the cloud giant has promised to extend it in the coming period to other regions as well. Steve Schmidt, CISO of AWS, said When we talk to customers about what they want in a cloud network firewall, they tell us that they want network protection that works with their current security systems and without the headaches of managing the underlying infrastructure.” ‘AWS Network Firewall provides scalable network security to enable customers to implement highly customizable rules across their entire AWS infrastructure and to integrate with many of the existing APN partner services used by customers. Best of all, there’s no need to configure additional infrastructure or maintain it.
