As AWS clients expand their usage of AWS services across multiple regions, accounts, and even development teams, it has been more challenging to handle security and compliance. AWS Firewall Manager aims to provide a solution for that.
AWS Firewall Manager allows clients to maintain central control over security settings and profile, even across regions and AWS user accounts. Your security group can respond in a timely manner to all potential threats and attacks while your developers work in safety.
- Automated policy enforcement—applies across different accounts and applications. As such, users can be assured that any applications will comply with organization-wide security policies when using Firewall Manager.
- Security policies contain WAF rules and optional AWS Shield advanced protection—each policy applies to a certain set of AWS resources, specified by account, resource type, resource identifier, or tag. Policies can be applied automatically to all resources or to a selected subset. Policies may have WAF rules from within your organization or created by AWS partners. This way, you may duplicate your security settings on-site for the cloud.
You must be using AWS Organizations to handle your accounts, with all features enabled.
You need to designate an AWS account within your organization as an AWS Firewall Manager administrator. They will have permission to deploy AWS WAF rules across the organization.
AWS Config must be enabled across all accounts for AWS Firewall Manager to have access.
You can start using AWS Firewall Manager today. This service is free for clients already using AWS Shield Advanced. Otherwise, you are charged a monthly fee for each policy in each region, along with the usual charges for WAF WebACLs, WAF Rules, and AWS Config Rules.
If you would like assistance on setting up your enterprise in the cloud, contact our AWS experts here at PolarSeven for a free assessment.