Network Firewall
💡 Definition
AWS Network Firewall is a managed, stateful network firewall and intrusion detection and prevention service for your VPC. It provides extra protection for your VPC traffic.
🔑 Key Concepts
- Managed Service: High availability and scalability are built-in.
- VPC Protection: Inspects traffic entering and leaving your VPC.
- Stateful Inspection: Can track the state of network connections.
- Intrusion Prevention (IPS): Detects and blocks vulnerability exploits.
- Web Filtering: Allows or blocks traffic based on domain names (matched on the domain, not the full URL path).
⚙️ How it Works
You deploy the Network Firewall into a dedicated subnet. You then update your VPC route tables to route traffic through the firewall endpoint for inspection.
🎯 Use Cases
- Filtering Outbound Traffic: Blocking access to known malicious domains.
- Deep Packet Inspection: Inspecting traffic payloads for threats.
- Compliance: Meeting regulatory requirements for network security.
💰 Pricing Model
- Endpoint: Hourly charge for each firewall endpoint.
- Data Processing: Charged per GB of data processed.
📝 Exam Tips (CLF-C02)
- A managed firewall service for VPC.
- More advanced than Security Groups and NACLs (supports domain filtering, deep packet inspection, and IPS).
- Can be managed centrally via AWS Firewall Manager.
See Also:
- VPC
- Security Group
- WAF (Web Application Firewall - Layer 7)