AWS – AWS Network Firewall launches support for active threat defense

AWS Network Firewall now offers active threat defense, a new security feature that helps you protect your Amazon Virtual Private Cloud (VPC) workloads against threat activities observed across AWS global infrastructure using Amazon threat intelligence.

AWS Network Firewall with active threat defense provides automated, intelligence-driven protection against dynamic, ongoing threat activities observed across AWS infrastructure. Once enabled, you can configure the managed rule group in your firewall policy to automatically block suspicious traffic, such as command-and-control (C2) communication, embedded URLs, and malicious domains. The feature provides protection by continuously updating rules based on current threat activity. AWS Network Firewall offers improved visibility for active threat defense rule group, allowing you to see indicator groups, types and threat names you’re protected against. If you are also an Amazon GuardDuty customer, related threat intelligence findings are marked with the threat list name “Amazon Active Threat Defense” going forward. These active threats can be automatically blocked by using the active threat defense managed rule group on AWS Network Firewall.

To get started with AWS Network Firewall with active threat defense, visit the AWS Network Firewall console or refer to our documentation. This feature is supported in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions and China Regions. For more information about AWS Network Firewall and its features, please visit the AWS Network Firewall product page AWS Network Firewall.

Read More for the details.