Part 1: Introducing AWS Network Firewall: Step-by-Step Guide to Provisioning AWS Network Firewall
TABLE OF CONTENTS
1. Overview
2. Prerequisites
3. AWS Services Used
4. AWS Services Providing Similar Security Services
5. Deployment Architecture
6. Overview of the Steps Involved
7. Step-by-Step Guide to Provisioning AWS Network Firewall
8. Conclusion
9. CloudThat
10. FAQs
1. Overview:
AWS Network Firewall, recently launched by AWS, is a fully managed, highly available and scalable network security service that protects the workloads in your VPCs.
It includes intrusion prevention (IPS) capabilities that detect and block intrusions into the VPC.
Because it is a managed service, deploying essential network protection for VPC workloads is easy: you are not responsible for deploying or managing the underlying firewall infrastructure.
AWS Network Firewall can be used together with AWS Firewall Manager to build policies based on AWS Network Firewall rules and then apply those policies centrally across all your accounts and VPCs.
2. Prerequisites:
Two subnets:
One firewall subnet, which hosts the Network Firewall endpoint
One main subnet
Three route tables:
One for the Internet Gateway
One for the main subnet
One for the firewall subnet
3. AWS Services Used:
Network Firewall rule group
Network Firewall policy
A Windows EC2 instance (used as the example workload)
4. AWS services that offer similar security services
Before we dive into AWS Network Firewall, let's look at the security capabilities already available for a VPC.
Security groups: rules evaluate traffic arriving at and leaving the instances.
Network access control lists: rules evaluate traffic entering and leaving the subnets.
AWS WAF: protects web applications served through APIs, CloudFront and load balancers.
AWS Shield: provides protection against DDoS attacks.
Whichever AWS service you use, there is now a simpler way to scale network security across all of your resources.
Before Network Firewall, subnet traffic was routed as follows:
Traffic arriving from the internet was routed through the Internet Gateway straight to the subnet.
Traffic leaving the subnet was routed directly to the IGW and on to the internet.
There was no intermediary to inspect the traffic between the Internet Gateway and the subnet.
There was no way to restrict traffic to a specific URL.
AWS created Network Firewall, a new security service that provides network security for all workloads, regardless of which AWS service they use.
AWS Network Firewall protects VPC workloads and is kept highly available and scalable by AWS.
Network Firewall supports URL (domain) filtering.
How traffic flow inspection is achieved:
You create a dedicated firewall subnet in your VPC, in the Availability Zone of the region you are protecting.
Network Firewall places a firewall endpoint in that firewall subnet. The route tables send any traffic entering or leaving the main subnet through the firewall subnet, where the firewall endpoint is present.
The firewall inspects the traffic and applies the rules and policies you have defined.
This provides security at the VPC level.
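The routing behind that inspection flow is easy to get wrong, so here is a small simulation of the three route tables the prerequisites call for. This is an added example written for this post, not CloudThat's own code or an AWS tool; the CIDRs, resource IDs and addresses are constructed placeholders, and the forwarding model (IGW edge route table to the firewall endpoint, then onward via the firewall subnet's route table) follows the flow described above.

```python
"""Simulate the three route tables behind the inspection architecture.

Added example, not the post's own code. CIDRs, resource IDs and addresses are
constructed placeholders.
"""
import ipaddress

VPC_CIDR = "10.0.0.0/16"
MAIN_SUBNET = "10.0.1.0/24"        # main subnet, hosts the Windows EC2 instance
ANY = "0.0.0.0/0"
IGW = "igw-PLACEHOLDER"            # Internet Gateway id (constructed)
FW_ENDPOINT = "vpce-PLACEHOLDER"   # Network Firewall endpoint in the firewall subnet (constructed)
INSTANCE_IP = "10.0.1.25"          # constructed instance address
INTERNET_IP = "203.0.113.10"       # constructed external client (TEST-NET-3)


def build_route_tables(ingress_inspect=True, egress_inspect=True):
    """Return the three route tables as (destination CIDR, target) lists.

    'local' stands for the VPC-local route. The two flags let you model the
    misconfiguration where one direction is left uninspected.
    """
    return {
        # associated with the main subnet: default route toward the firewall endpoint
        "main": [(VPC_CIDR, "local"),
                 (ANY, FW_ENDPOINT if egress_inspect else IGW)],
        # associated with the firewall subnet: inspected traffic continues to the IGW
        "firewall": [(VPC_CIDR, "local"), (ANY, IGW)],
        # edge association with the IGW: ingress for the main subnet goes to the firewall first
        "igw": [(MAIN_SUBNET, FW_ENDPOINT if ingress_inspect else "local")],
    }


def lookup(table, dst):
    """Longest-prefix match over one route table, as the VPC router does."""
    addr = ipaddress.ip_address(dst)
    best_net, best_target = None, None
    for cidr, target in table:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def trace(tables, entry_table, dst, max_hops=5):
    """Follow a packet from the table it first hits; return the hops it traverses.

    After the firewall endpoint passes a packet, forwarding continues using the
    firewall subnet's route table, which is why that table needs a route to the IGW.
    """
    hops, table = [], entry_table
    for _ in range(max_hops):
        target = lookup(tables[table], dst)
        if target == FW_ENDPOINT:
            hops.append("firewall")
            table = "firewall"
            continue
        hops.append(target)          # 'local' delivery or the IGW: terminal hops
        return hops
    raise RuntimeError("routing loop")


def inspected_both_ways(tables):
    """True only if ingress and egress for the main subnet both cross the firewall."""
    ingress = trace(tables, "igw", INSTANCE_IP)     # internet -> instance
    egress = trace(tables, "main", INTERNET_IP)     # instance -> internet
    return "firewall" in ingress and "firewall" in egress


if __name__ == "__main__":
    good = build_route_tables()
    print("ingress:", trace(good, "igw", INSTANCE_IP))
    print("egress: ", trace(good, "main", INTERNET_IP))
    print("symmetric inspection:", inspected_both_ways(good))
    # Leaving out the IGW edge route table is the classic mistake:
    # outbound traffic is inspected, inbound traffic bypasses the firewall.
    print("missing edge table:", inspected_both_ways(build_route_tables(ingress_inspect=False)))
```

The check `inspected_both_ways` is the one worth keeping in mind when you build the three route tables by hand: the main subnet's default route and the IGW's edge route table must both point at the firewall endpoint, and the firewall subnet's own table must carry the default route to the IGW, or traffic is either dropped or passes uninspected in one direction.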
This blog will show you how to deploy Network Firewall according to the architecture below.
5. Deployment Architecture:
6. Overview of the steps involved:
We will create a Network Firewall in the firewall subnet and one Windows EC2 instance in the main public subnet. We will then block traffic to a specific URL. Finally, we SSH into the instance to verify whether the URL opens in the browser.
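The two Network Firewall objects the walkthrough creates, the rule group that blocks the URL and the firewall policy that references it, can also be expressed as API requests. Below is an added example written for this post (not CloudThat's or AWS's code) that builds the request bodies for the network-firewall CreateRuleGroup and CreateFirewallPolicy operations, shows the equivalent hand-written Suricata rules, and runs the sequence against a constructed stand-in client so it works offline. The domain, resource names and ARNs are placeholders.

```python
"""Build the Network Firewall requests for a domain deny list and a policy using it.

Added example, not the post's own code. Domain, names, ARNs and FakeClient are
constructed; pass boto3.client("network-firewall") to provision() to run it for real.
"""
import json


def domain_denylist_rule_group(name, domains, capacity=100):
    """Request for a stateful domain-list rule group that drops HTTP (Host header)
    and TLS (SNI) flows to the listed domains. A leading '.' (e.g. '.example.com')
    matches the domain and all of its subdomains."""
    for d in domains:
        # the API expects bare domain names, not URLs
        if not d or any(ch in d for ch in " /:"):
            raise ValueError(f"expected a bare domain name, got {d!r}")
    return {
        "RuleGroupName": name,
        "Type": "STATEFUL",
        "Capacity": capacity,
        "RuleGroup": {
            "RulesSource": {
                "RulesSourceList": {
                    "Targets": list(domains),
                    "TargetTypes": ["HTTP_HOST", "TLS_SNI"],
                    "GeneratedRulesType": "DENYLIST",
                }
            }
        },
    }


def suricata_equivalent(domains, first_sid=1000001):
    """Hand-written Suricata rules with roughly the same effect, usable as
    RulesSource.RulesString instead of a domain list. Each entry becomes a suffix
    match on the Host header and on the TLS SNI, so 'example.com' also covers its
    subdomains (and, unlike the managed list, any host name ending in that string)."""
    lines, sid = [], first_sid
    for d in domains:
        host = d.lstrip(".")
        for proto, buf in (("http", "http.host"), ("tls", "tls.sni")):
            lines.append(
                f'drop {proto} $HOME_NET any -> $EXTERNAL_NET any '
                f'(msg:"deny {proto} to {host}"; {buf}; content:"{host}"; endswith; '
                f'sid:{sid}; rev:1;)'
            )
            sid += 1
    return "\n".join(lines)


def firewall_policy(name, rule_group_arns):
    """Request for a firewall policy. All stateless traffic (fragments included) is
    forwarded to the stateful engine so that the domain rules get to see it."""
    return {
        "FirewallPolicyName": name,
        "FirewallPolicy": {
            "StatelessDefaultActions": ["aws:forward_to_sfe"],
            "StatelessFragmentDefaultActions": ["aws:forward_to_sfe"],
            "StatefulRuleGroupReferences": [{"ResourceArn": arn} for arn in rule_group_arns],
        },
    }


class FakeClient:
    """Offline stand-in for the boto3 network-firewall client (constructed)."""

    def __init__(self):
        self.calls = []

    def create_rule_group(self, **req):
        self.calls.append(("create_rule_group", req))
        arn = f"arn:aws:network-firewall:PLACEHOLDER:stateful-rulegroup/{req['RuleGroupName']}"
        return {"RuleGroupResponse": {"RuleGroupArn": arn}}

    def create_firewall_policy(self, **req):
        self.calls.append(("create_firewall_policy", req))
        arn = f"arn:aws:network-firewall:PLACEHOLDER:firewall-policy/{req['FirewallPolicyName']}"
        return {"FirewallPolicyResponse": {"FirewallPolicyArn": arn}}


def provision(client, domains):
    """Create the rule group, then a policy referencing it; return the policy ARN."""
    rg = client.create_rule_group(**domain_denylist_rule_group("deny-listed-domains", domains))
    arn = rg["RuleGroupResponse"]["RuleGroupArn"]
    pol = client.create_firewall_policy(**firewall_policy("inspection-policy", [arn]))
    return pol["FirewallPolicyResponse"]["FirewallPolicyArn"]


if __name__ == "__main__":
    print(json.dumps(domain_denylist_rule_group("deny-listed-domains", [".example.com"]), indent=2))
    print(suricata_equivalent([".example.com"]))
    print(provision(FakeClient(), [".example.com"]))
```

The policy's stateless default actions matter: if they were set to `aws:pass` instead of `aws:forward_to_sfe`, packets would never reach the stateful engine and the domain deny list would have no effect even though the rule group is attached.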
Before you begin the Firewall creation, ensure that there is a