AWS recently announced a new service, AWS Network Firewall, which provides network security controls across Amazon Virtual Private Clouds (VPCs). The easy-to-deploy service enables users to launch a managed, cloud-native firewall that complements the rest of the AWS security platform. This potentially enables faster, simpler deployment of firewalls, policies and advanced rulesets for complex networking deployments.
As part of the announcement, IBM Security was named an AWS Network Firewall launch partner for both Independent Software Vendor (ISV) and Managed Security Solutions Provider (MSSP) capabilities. This builds on IBM Security’s broad support for cloud-native services in AWS, covering both Security Information and Event Management (SIEM) and managed security services offerings, as well as the demand for deep partner integrations across AWS technologies.
During a meeting with the IBM Security QRadar team, where the teams integrated QRadar with the new AWS service, I had the opportunity to play with AWS’s new cloud-native firewall, code-named “Vanta.” I must say I am very impressed with this firewall. What is Vanta? Vanta, or AWS Network Firewall under its newly branded name, is a managed Firewall as a Service (FWaaS) offering for AWS cloud services. It’s a stateful, cloud-based network security firewall delivered as a service, with cloud scalability and high availability on the way.
Or as AWS describes it, “a network firewall service for Amazon Virtual Private Cloud (VPC).”
AWS Firewall provides enterprise firewall features that allow customers to secure their cloud environments without the need to purchase a traditional firewall appliance. AWS Firewall has a powerful feature set; to list a few: stateful firewalling, packet inspection and filtering. It also has the ability to import rules from the Snort or Suricata IPS (Intrusion Prevention System), which allows for Snort and Suricata rule portability. That’s right, you can port your existing Snort and Suricata rules to the AWS Firewall. This means all the open source rule sets you have curated can be rolled in, while also leveraging the rules curated by the open source community. This alone could potentially save months of engineering time. Due to time constraints this feature will be tested after GA.
As with anything, with great power comes great responsibility, and the AWS Firewall is no exception. IBM Security Services is partnering with AWS to help its clients take advantage of this cost-effective opportunity without compromising a client’s security requirements, leveraging IBM Security X-Force Threat Management, IBM Security X-Force Red and IBM Security QRadar to bring best-of-breed security services to AWS.
AWS Firewall Summary:
The AWS Firewall feature list is impressive to say the least. What I really appreciate is that it’s not just feature rich, it’s feature right. It has the features you really need and are most likely to use in a cloud-native deployment, plus it adds a few stealth sparklers under the hood.
- IP/Port/Protocol based filtering
- Per-AZ rate limiting
- Deep packet inspection (native decryption not supported)
- Automatic protocol detection
- Ability to import domain name lists or Suricata- and Snort-compatible rules
- Logging to S3, CloudWatch or Kinesis Firehose
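To make the rule-portability point above concrete, here is an added example (not code from the original post, AWS or IBM) that takes a handful of constructed Suricata rules, validates them the way a porting script should before they reach the cloud, and assembles the request a practitioner would hand to boto3’s NetworkFirewall.create_rule_group. The field names, the accepted action keywords and the one-capacity-unit-per-rule assumption reflect my understanding of the API and should be checked against the current AWS documentation; no AWS call is made, so it runs offline.

```python
"""Assemble a create_rule_group request from existing Suricata rules (added example)."""
import json
import re

# Assumed set of stateful actions the service accepts; adjust to current AWS docs.
SUPPORTED_ACTIONS = {"pass", "drop", "alert"}
SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")

# Constructed sample rules, written as they would sit in an on-prem Suricata deployment.
SAMPLE_RULES = [
    'drop tcp $HOME_NET any -> $EXTERNAL_NET 23 (msg:"Outbound telnet blocked"; sid:1000001; rev:1;)',
    'alert dns $HOME_NET any -> any any (msg:"DNS query for .xyz TLD"; dns.query; content:".xyz"; nocase; sid:1000002; rev:1;)',
    'pass tls $HOME_NET any -> $EXTERNAL_NET 443 (msg:"Allow outbound TLS"; sid:1000003; rev:1;)',
]


def validate_rules(rules):
    """Return the SIDs in order; raise ValueError on an unsupported action, a missing sid or a duplicate."""
    sids = []
    for rule in rules:
        action = rule.split(None, 1)[0]
        if action not in SUPPORTED_ACTIONS:
            raise ValueError(f"unsupported action {action!r} in rule: {rule}")
        match = SID_RE.search(rule)
        if match is None:
            raise ValueError(f"missing sid in rule: {rule}")
        sid = int(match.group(1))
        if sid in sids:
            raise ValueError(f"duplicate sid {sid}: the engine needs every sid to be unique")
        sids.append(sid)
    return sids


def build_stateful_rule_group(name, rules):
    """Return the keyword arguments for NetworkFirewall.create_rule_group (assumed field names)."""
    sids = validate_rules(rules)
    return {
        "RuleGroupName": name,
        "Type": "STATEFUL",
        # Capacity is fixed at creation time; assumed to be one unit per Suricata rule.
        "Capacity": len(sids),
        "Description": f"Ported Suricata rules, sids {min(sids)}-{max(sids)}",
        # Suricata-compatible rules are passed verbatim as one newline-separated string.
        "RuleGroup": {"RulesSource": {"RulesString": "\n".join(rules)}},
    }


if __name__ == "__main__":
    print(json.dumps(build_stateful_rule_group("ported-suricata", SAMPLE_RULES), indent=2))
```

The resulting dictionary can be passed as `client.create_rule_group(**kwargs)`; the validation step is what catches a rule that Suricata on-prem tolerated but the managed engine would reject at upload time.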