Enhancing Cloud Security Posture for AWS Network Firewall

By Trisha Paine, Head of Cloud Product Marketing

Amazon Web Services (AWS) just announced the availability of the AWS Network Firewall, a managed service that makes it easy to deploy essential network protections for all of your Amazon Virtual Private Clouds (VPCs). Check Point helps ensure stringent security controls and requirements are met through the integration of CloudGuard with AWS Network Firewall. This integration allows users to set up and automatically scale their network traffic controls with stateful inspection.

When it comes to the security of your network traffic controls, certain elements are important to customers, including unified security, visibility, and threat prevention.

The purpose of this blog is to outline how the Check Point CloudGuard integration with AWS Network Firewall helps enhance the security for AWS customers using AWS Virtual Private Clouds.

In order to manage the security of complex environments, it is important to have a unified security strategy. Within the AWS Network Firewall, customers can build rule-based policies and centrally apply them across their AWS VPC accounts. The CloudGuard integration creates even greater benefits when it comes to unified security across the AWS Network Firewall and additional AWS environments by providing continuous analysis of security posture to identify misconfigurations, as well as non-compliance with customer-chosen rulesets, throughout the entire resource lifecycle on one platform. Furthermore, customers can leverage simple Governance Specification Language (GSL) rules to centralize intelligence of their AWS Network Firewall controls, together with all of their cloud assets, proactively identifying and remediating issues while preventing threats across their entire AWS account. There are also pre-packaged rulesets, including PCI-DSS, HIPAA, and NIST, to empower customers and ensure AWS Network Firewall policies meet stringent compliance regulations and industry best practices.

Oftentimes, with massively complex networks, maintaining visibility is complicated for customers. Visibility is important in order to understand the source of your network traffic. CloudGuard centralizes visibility across your networks and resources into one platform so that users can track network traffic, as well as the security and compliance posture of cloud resources and workloads.

Advanced threat prevention for your network is critical. To improve threat prevention, AWS Network Firewall provides users with a flexible rules engine, allowing them to define firewall rules that give fine-grained control over their network traffic. One example would be blocking outbound Server Message Block (SMB) requests in order to prevent the spread of malicious activity. AWS customers can also import rules they have already written in common open source rule formats, as well as integrate managed intelligence feeds sourced by AWS partners, including Check Point CloudGuard. With the power of CloudGuard’s advanced threat prevention, customers can identify security threats, anomalies, and compliance risks to their network, with detailed analysis of the threat and steps for remediation.

With the power of AWS Network Firewall and Check Point CloudGuard, customers can have enhanced security for their VPCs with stringent controls, allowing them to maintain centralized security and compliance of their network environment.

For more information, sign up for a free security assessment today, or visit the Check Point listing on AWS Marketplace.

To find out more about this announcement, read the AWS blog post.