AWS Network Firewall

AWSNetworking

Managed stateful firewall, IDS/IPS, and TLS inspection service deployed as VPC endpoints with Suricata-compatible rule syntax, AWS Managed Threat Signatures rule groups, and centralised deployment via AWS Firewall Manager across Organizations

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore AWS in TreemapExplore networking in Honeycomb
DocumentationPricing

Attributes

SLA Uptime
99.99%

Sub-services (3)

Stateful Rules

Suricata-syntax rules for deep packet inspection and threat signatures

TLS Inspection

Man-in-the-middle decryption for inspecting encrypted egress traffic

AWS Managed Threat Signatures

AWS-curated IDS/IPS rule groups updated continuously from threat intel

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMP

Where this runs

38 regions
27 countries
5sovereign
Sovereign regions (5)
  • AWS GovCloud (US-East) · AshburnAWS GovCloud (US)
  • AWS GovCloud (US-West) · HillsboroAWS GovCloud (US)
  • AWS European Sovereign Cloud (Brandenburg) · BrandenburgAWS European Sovereign Cloud
  • China (Beijing) · BeijingAWS China (Sinnet)
  • China (Ningxia) · YinchuanAWS China (NWCD)
Commercial regions (33)

Europe (8)

  • Europe (Paris)
  • Europe (Frankfurt)
  • Europe (Ireland)
  • Europe (Milan)
  • Europe (Spain)
  • Europe (Stockholm)
  • Europe (Zurich)
  • Europe (London)

North America (7)

  • Canada West (Calgary)
  • Canada (Central)
  • Mexico (Central)
  • US East (N. Virginia)
  • US West (Oregon)
  • US East (Ohio)
  • US West (N. California)

South America (1)

  • South America (São Paulo)

Asia (11)

  • Asia Pacific (Hong Kong)
  • Asia Pacific (Hyderabad)
  • Asia Pacific (Mumbai)
  • Asia Pacific (Jakarta)
  • Asia Pacific (Osaka)
  • Asia Pacific (Tokyo)
  • Asia Pacific (Malaysia)
  • Asia Pacific (Singapore)
  • Asia Pacific (Seoul)
  • Asia Pacific (Taipei)
  • Asia Pacific (Thailand)

Oceania (2)

  • Asia Pacific (Melbourne)
  • Asia Pacific (Sydney)

Middle East (3)

  • Middle East (Bahrain)
  • Israel (Tel Aviv)
  • Middle East (UAE)

Africa (1)

  • Africa (Cape Town)

Tags

firewallidsipstls-inspectionsuricatanetworking

Equivalent services on other platforms

Azure FirewallAzure

Cloud-native, stateful firewall-as-a-service with built-in high availability, unrestricted scale, threat intelligence-based filtering, and centralised policy

Cloud ArmorGCP

Edge DDoS protection and web application firewall with managed rule sets for OWASP Top 10, adaptive bot protection, and reCAPTCHA Enterprise integration

OCI Network FirewallOracle

Managed next-generation firewall service powered by Palo Alto Networks VM-Series, with application awareness, TLS inspection, URL filtering, intrusion prevention (IPS), DNS security, and deployment flexibility across VCN or Transit Hub topologies

Pricing

Pricing model:pay-as-you-go