All news with #aws network firewall tag
Wed, November 19, 2025
AWS Network Firewall — Managed Rule Groups from Marketplace
🔒 AWS Network Firewall now supports managed rule groups from AWS Marketplace partners, enabling customers to deploy partner-curated threat intelligence directly from the console. These managed rules are continuously updated by vendors and integrate with existing firewall architectures without routing changes. They reduce operational overhead across multiple VPCs and help maintain compliance and security posture. Customers should evaluate partner offerings against their requirements.
Wed, November 19, 2025
Check Point Launches Managed Rules for AWS Network Firewall
🔒 Check Point and AWS have introduced Check Point Managed Rules for AWS Network Firewall to simplify scaling network security across complex cloud environments. The service provides centrally managed, preconfigured rule sets that reduce the time and effort required to deploy and maintain firewalls across multiple VPCs and subnets. By automating updates and delivering threat-informed rules, the offering aims to lower operational overhead, accelerate response to new attack vectors, and free scarce IT resources for higher-value tasks.
Wed, November 19, 2025
AWS Network Firewall Adds Managed Rules from AWS Partners
🔒 AWS Network Firewall now supports managed rule groups from AWS Partners, enabling customers to deploy partner-maintained, automatically updated security rules directly into firewall policies. You can subscribe and deploy these pre-configured rule groups via the AWS Network Firewall console or through AWS Marketplace, with consolidated billing and potential long-term pricing benefits. Available sellers include Check Point, Fortinet, Infoblox, Lumen, Rapid7, ThreatSTOP, and Trend Micro in all AWS commercial regions where the services are offered.
Tue, November 18, 2025
AWS Network Firewall Log Analysis Using OpenSearch
📊 The post describes a new Amazon CloudWatch and Amazon OpenSearch Service dashboard that simplifies analysis of AWS Network Firewall logs by removing previous multi-step setup and streamlining integration. It explains prerequisites, creating an OpenSearch integration and dashboard, selecting log groups, sync intervals, and IAM roles. The overview covers widgets, filters, CSV export, common use cases, and cost considerations to improve visibility and troubleshooting.
Tue, November 18, 2025
Active Threat Defense Now Default in AWS Network Firewall
🔒 Starting today, AWS Network Firewall enables active threat defense by default in alert mode when you create new firewall policies in the AWS Management Console. The feature provides automated, intelligence-driven visibility into ongoing threat activities and the indicator groups, types, and names you are protected against. You can switch to block mode to automatically prevent suspicious traffic or disable the feature entirely. AWS verifies threat indicators to reduce false positives, and the capability is available in all Regions, including AWS GovCloud (US) and China.
Fri, November 14, 2025
AWS re:Invent 2025 — Security Sessions & Themes Overview
🔒 AWS re:Invent 2025 highlights an expanded Security and Identity track featuring more than 80 sessions across breakouts, workshops, chalk talks, and hands-on builders’ sessions. The program groups content into four practical themes — Securing and Leveraging AI, Architecting Security and Identity at scale, Building and scaling a Culture of Security, and Innovations in AWS Security — with real-world guidance and demos. Attendees can meet experts at the Security and AI Security kiosks in the expo hall and are encouraged to reserve limited-capacity hands-on sessions early to secure seats.
Fri, November 14, 2025
AWS Network Firewall Now Available in Auckland Region
🔒 AWS Network Firewall is now available in the AWS New Zealand (Auckland) Region, enabling customers to deploy essential network protections across all Amazon VPCs. As a managed firewall service, it automatically scales with traffic volume and delivers high availability without requiring customers to provision or maintain infrastructure. It integrates with AWS Firewall Manager to provide centralized visibility and policy control across multiple AWS accounts, simplifying governance and enforcement.
Mon, September 29, 2025
Secure Network Architectures for Generative AI on AWS
🔐 This post explains how to design defense-in-depth network architectures for generative AI workloads using AWS services. It outlines common external threats — including layer 4 and layer 7 DDoS, web request floods, application-specific exploits, and malicious bots — and maps mitigations to AWS capabilities. The guidance recommends private connectivity via Amazon Bedrock and AWS PrivateLink, edge protections with AWS WAF and AWS Shield, subnet-level controls using AWS Network Firewall, and continuous detection and response with GuardDuty, Inspector, and CloudWatch.
Thu, September 25, 2025
AWS Network Firewall Enhances Application-Layer Controls
🔐 AWS released enhanced default application-layer rules for AWS Network Firewall to better handle TLS client hellos and HTTP requests that are split across multiple packets. The update adds new default stateful actions — drop and alert established — enabling security teams to enforce controls without complex custom rules while supporting modern TLS implementations and large HTTP requests. Detailed logging preserves visibility. Available in all supported AWS Regions.
Wed, September 17, 2025
AWS Network Firewall: SNI Session Holding for TLS Guide
🔒 AWS Network Firewall now offers SNI session holding to strengthen TLS inspection by validating the TLS SNI before initiating an outbound TCP connection. When enabled, the firewall holds TCP/TLS establishment until it receives the ClientHello SNI and evaluates it against Suricata-based TLS inspection rules, preventing any contact with disallowed endpoints. Administrators can enable this option in a TLS inspection configuration via the AWS Management Console, AWS CLI, or AWS SDK; it’s available in Regions including GovCloud and China and is billed as part of TLS advanced inspection.
Wed, September 17, 2025
AWS Network Firewall Enhances Console Monitoring and TLS
🔒 AWS Network Firewall now delivers expanded console monitoring and enhanced TLS inspection capabilities to improve outbound security. The monitoring dashboard adds visibility into traffic to AWS services such as Amazon S3, Amazon DynamoDB, and AWS Backup, including traffic sent over PrivateLink, and surfaces top source and destination IPs by packets and bytes. Customers can filter views by IP and protocol for targeted analysis. A new session holding feature for TLS inspection prevents TCP/TLS establishment from reaching servers until SNI-based rules are evaluated, strengthening controls against malicious endpoints.
Wed, August 27, 2025
AWS Network Firewall adds ReceivedBytes metric in CloudWatch
🔍 AWS has added the new ReceivedBytes metric for AWS Network Firewall to Amazon CloudWatch, giving customers per-firewall visibility into total incoming bytes inspected. The metric differentiates counts for the stateless and stateful engines, enabling more granular analysis of processing and performance. Available in all Regions where Network Firewall is supported, the data can be integrated into existing monitoring, alerting, and optimization workflows to support capacity planning and cost reduction.