AWS Firewall Manager
source link: https://aws.amazon.com/firewall-manager/?nc2=h_ql_prod_se_fm
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Centralized Firewall Management
Learn About AWS Pricing
AWS Free Tier
AWS Pricing Calculator
Optimize Your Costs
Documentation
AWS Customer Enablement
AWS Support
AWS Professional Services
AWS IQ
AWS Training and Certification
AWS Managed Services
AWS re:Post
AWS Events and Webinars
AWS Summit Online
AWS Innovate Online Conference
Online Tech Talks
Public Sector Events
AWS Training and Certification Events and Webinars
AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organizations. As new applications are created, Firewall Manager makes it easy to bring new applications and resources into compliance by enforcing a common set of security rules. Now you have a single service to build firewall rules, create security policies, and enforce them in a consistent, hierarchical manner across your entire infrastructure, from a central administrator account.
Using AWS Firewall Manager, you can easily roll out AWS WAF rules for your Application Load Balancers, API Gateways, and Amazon CloudFront distributions. You can create AWS Shield Advanced protections for your Application Load Balancers, ELB Classic Load Balancers, Elastic IP Addresses and CloudFront distributions. You can also configure new Amazon Virtual Private Cloud (VPC) security groups and audit any existing VPC security groups for your Amazon EC2, Application Load Balancer (ALB) and ENI resource types. You can deploy AWS Network Firewalls across accounts and VPCs in your organization. Finally, with AWS Firewall Manager, you can also associate your VPCs with Amazon Route 53 Resolvers DNS Firewall rules.
Benefits
Simplify management of firewall rules across your accounts
AWS Firewall Manager is integrated with AWS Organizations so you can enable AWS WAF rules, AWS Shield Advanced protections, security groups, AWS Network Firewall rules, and Amazon Route 53 Resolver DNS Firewall rules , and AWS Marketplace third-party firewall rules for your Amazon VPCs across multiple AWS accounts and resources from a single place. You can group rules, build policies, and centrally apply those policies across your entire infrastructure. For example, you can delegate the creation of application-specific rules within an account while retaining the ability to enforce global security policies across accounts.
Ensure compliance of existing and new applications
AWS Firewall Manager automatically enforces mandatory security policies that you define across existing and newly created resources. The service discovers new resources as they are created across accounts. For example, if you are required to meet US Department of Treasury’s Office of Foreign Assets Control (OFAC) regulations, you can use Firewall Manager to deploy an AWS WAF rule to block traffic from embargoed countries across your Application Load Balancer, API Gateway, and Amazon CloudFront accounts. As new resources are created, they will automatically be brought under the policy scope.
Easily deploy managed rules across accounts
AWS Firewall Manager integrates with Managed Rules for AWS WAF, which gives you an easy way to deploy pre-configured WAF rules on your applications. You can choose a Managed Rule from an AWS Marketplace Seller and deploy it consistently across your Application Load Balancer, API Gateway, and Amazon CloudFront infrastructure with just a few clicks in the console. For example, you can easily protect your entire organization from zero-day vulnerabilities by subscribing to a Managed Rule for WAF from the AWS Marketplace that provides CVE patch updates. For Advanced Shield protections, you can use AWS Firewall Manager to automatically protect against various types of DDoS attacks such as UDP reflection attacks, SYN flood, DNS query flood and HTTP flood attacks across accounts.
Centrally deploy protections for your VPCs
With Firewall Manager, your security administrator can deploy baseline set of VPC security group rules for EC2 instances, Application Load Balancers (ALBs) and Elastic Network Interfaces (ENIs) in your Amazon VPCs. At the same time, you can also audit any existing security groups in your VPCs for over permissive rules and remediate them from a single place. You can leverage Firewall Manager to deploy rules for AWS Network Firewalls across your VPCs in your organization, to control traffic leaving and entering your network. At the same time, with Firewall Manager, you can also associate your VPCs with Route 53 Resolver DNS Firewall rules to block DNS queries made for known malicious domains and to allow queries for trusted domains.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK