AWS Network Firewall

Learn about the different AWS Network Firewall services.

AWS Network Firewall filters network traffic at the VPC boundary, before it enters or leaves the VPC.

AWS Network Firewall involves the following components:

  • Firewall endpoint: This creates a firewall endpoint in the public subnet for the selected Availability Zone and associates a firewall policy that defines the filtering behavior.

  • Firewall policy: This defines the protective actions the firewall takes, expressed as stateless and stateful rule groups. A firewall can be associated with only one firewall policy.

  • Rule group: This defines the rules to pass or drop the VPC network traffic. Rule groups are added to the firewall policy.

AWS DNS Firewall

AWS DNS Firewall filters traffic by domain name. It inspects outbound DNS queries from the VPC and allows or blocks the domains defined in its rule groups.

A DNS firewall involves the following components:

  • Rule groups: These are reusable collections of firewall rules for filtering DNS queries. A rule group can be associated with one or more VPCs. Each rule in a rule group matches queries against a domain list and applies an ALLOW, BLOCK, or ALERT action.

  • Domain list: This is a reusable collection of domains that a rule group's rules match against when filtering DNS queries. We can create our own domain list or use an AWS-managed domain list.
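The following Terraform configuration is an added example, not code from the original page, showing how the components from both sections above fit together: a stateful rule group referenced by a firewall policy that is attached to one firewall, and a DNS Firewall domain list used by a BLOCK rule in a rule group that is associated with the VPC. It assumes the AWS provider plus an existing VPC `aws_vpc.main` and firewall subnet `aws_subnet.firewall_a`; the blocked domain `bad.example` is a constructed placeholder.

```hcl
# Stateful rule group: one Suricata-format rule that drops outbound TLS whose SNI
# is the constructed placeholder domain bad.example (not a real indicator).
resource "aws_networkfirewall_rule_group" "block_tls" {
  name     = "block-example-tls"
  type     = "STATEFUL"
  capacity = 100
  rule_group {
    rules_source { rules_string = "drop tls $HOME_NET any -> $EXTERNAL_NET any (tls.sni; content:\"bad.example\"; msg:\"blocked SNI\"; sid:1000001; rev:1;)" }
  }
}

# Firewall policy: the single place where stateless and stateful rule groups are
# combined. Traffic the stateless engine does not decide on goes to the stateful engine.
resource "aws_networkfirewall_firewall_policy" "egress" {
  name = "egress-policy"
  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]
    stateful_rule_group_reference {
      resource_arn = aws_networkfirewall_rule_group.block_tls.arn
    }
  }
}

# Firewall: creates an endpoint in the chosen subnet and attaches exactly one policy.
resource "aws_networkfirewall_firewall" "vpc_edge" {
  name                = "vpc-edge"
  vpc_id              = aws_vpc.main.id           # assumed existing VPC
  firewall_policy_arn = aws_networkfirewall_firewall_policy.egress.arn
  subnet_mapping { subnet_id = aws_subnet.firewall_a.id }  # assumed firewall subnet
}

# DNS Firewall (Route 53 Resolver): domain list -> rule in a rule group -> VPC association.
resource "aws_route53_resolver_firewall_domain_list" "denied" {
  name    = "denied-domains"
  domains = ["bad.example"]                       # constructed placeholder
}
resource "aws_route53_resolver_firewall_rule_group" "dns" { name = "dns-egress" }
resource "aws_route53_resolver_firewall_rule" "block_denied" {
  name                    = "block-denied"
  action                  = "BLOCK"               # ALLOW or ALERT are the alternatives
  block_response          = "NXDOMAIN"
  firewall_domain_list_id = aws_route53_resolver_firewall_domain_list.denied.id
  firewall_rule_group_id  = aws_route53_resolver_firewall_rule_group.dns.id
  priority                = 100
}
resource "aws_route53_resolver_firewall_rule_group_association" "dns_vpc" {
  firewall_rule_group_id = aws_route53_resolver_firewall_rule_group.dns.id
  priority               = 101                    # 100 and 9900 are reserved by AWS
  vpc_id                 = aws_vpc.main.id        # assumed existing VPC
}
```

Switching the DNS rule's action to ALERT keeps the query flowing while logging the match, which is the usual first step before enforcing BLOCK in a production VPC.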

