What's new at AWS
- AWS Firewall Manager now supports retrofitting of existing AWS WAF #WebACLs
- It enables customers to centrally create policies for AWS WAF that add baseline rule sets to existing WAF WebACLs associated with their resources.
- With this, security administrators can now use Firewall Manager policies for WAF to insert first and last rule groups.
- They can also centrally configure a logging destination for existing WebACLs while leaving custom rule sets intact.
- By enabling the "retrofit" setting on a Firewall Manager WAF policy, administrators can centrally define baseline protection that applies to resources protected by WAF while ensuring it is enforced by the WebACLs.
- It helps customers rapidly deploy a standard set of WAF rules to all web applications at any time without affecting existing WAF deployments.
Some AWS best practices for network ACLs managed by AWS Firewall Manager:
- Start with automatic remediation disabled
- Don't modify the value of the FMManaged tag on a network ACL
- Don't modify the rules that are managed by Firewall Manager
- Don't modify the associations for subnets that have Firewall Manager managed network ACLs
- Don't modify the pre-configured rules that are managed by Firewall Manager
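One way to watch for manual changes that break the practices above is to scan CloudTrail records for edits to managed network ACLs. This is an added example, not code from AWS or from the original post; the event field shapes, the managed ID sets, the sample records and the `AWSServiceRoleForFMS` actor filter are assumptions.

```python
# Added example. Sample events are constructed; field shapes are assumptions.
RULE_EVENTS = {"CreateNetworkAclEntry", "ReplaceNetworkAclEntry", "DeleteNetworkAclEntry"}
TAG_EVENTS = {"CreateTags", "DeleteTags"}

def by_firewall_manager(ev):
    # Assumption: Firewall Manager's own changes arrive via its service-linked role.
    ident = ev.get("userIdentity", {})
    return ("AWSServiceRoleForFMS" in ident.get("arn", "")
            or ident.get("invokedBy") == "fms.amazonaws.com")

def find_violations(events, managed_acls, managed_assocs):
    """Return (eventID, reason) for manual changes to managed network ACLs."""
    findings = []
    for ev in events:
        if by_firewall_manager(ev):
            continue  # changes made by Firewall Manager itself are expected
        name, p = ev.get("eventName"), ev.get("requestParameters") or {}
        if name in TAG_EVENTS:
            ids = [r.get("resourceId", "") for r in p.get("resourcesSet", {}).get("items", [])]
            keys = [t.get("key") for t in p.get("tagSet", {}).get("items", [])]
            if "FMManaged" in keys and any(i.startswith("acl-") for i in ids):
                findings.append((ev["eventID"], "FMManaged tag modified"))
        elif name in RULE_EVENTS and p.get("networkAclId") in managed_acls:
            findings.append((ev["eventID"], "managed rule modified"))
        elif name == "ReplaceNetworkAclAssociation" and (
                p.get("associationId") in managed_assocs
                or p.get("networkAclId") in managed_acls):
            findings.append((ev["eventID"], "subnet association modified"))
    return findings

# Constructed identities and events (hypothetical account, role and resource IDs).
ADMIN = {"arn": "arn:aws:sts::111122223333:assumed-role/NetAdmin/alice"}
FMS = {"arn": "arn:aws:sts::111122223333:assumed-role/AWSServiceRoleForFMS/fms"}
SAMPLE_EVENTS = [
    {"eventID": "e1", "eventName": "CreateTags", "userIdentity": ADMIN,
     "requestParameters": {"resourcesSet": {"items": [{"resourceId": "acl-0aaa"}]},
                           "tagSet": {"items": [{"key": "FMManaged", "value": "false"}]}}},
    {"eventID": "e2", "eventName": "ReplaceNetworkAclEntry", "userIdentity": ADMIN,
     "requestParameters": {"networkAclId": "acl-0aaa", "ruleNumber": 1}},
    {"eventID": "e3", "eventName": "ReplaceNetworkAclEntry", "userIdentity": FMS,
     "requestParameters": {"networkAclId": "acl-0aaa", "ruleNumber": 1}},
    {"eventID": "e4", "eventName": "ReplaceNetworkAclAssociation", "userIdentity": ADMIN,
     "requestParameters": {"associationId": "aclassoc-0bbb", "networkAclId": "acl-0ccc"}},
    {"eventID": "e5", "eventName": "CreateNetworkAclEntry", "userIdentity": ADMIN,
     "requestParameters": {"networkAclId": "acl-0ccc", "ruleNumber": 100}},
]

if __name__ == "__main__":
    for eid, reason in find_violations(SAMPLE_EVENTS, {"acl-0aaa"}, {"aclassoc-0bbb"}):
        print(eid, reason)
```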
Complete guide to centrally managing AWS WAF rules with Firewall Manager:
https://aws.amazon.com/blogs/security/centrally-manage-aws-waf-api-v2-and-aws-managed-rules-at-scale-with-firewall-manager/
Explore more about AWS Firewall Manager:
https://aws.amazon.com/firewall-manager/