Network Firewall

0

Using network firewall, shall we get a centralized ingress & egress traffic filtering management option for VPC level as well as subnet level ? or we need to create a network firewall for each VPC to manage ?

asked 2 years ago434 views
1 Answer
0

Firewall Manager support 2 deployment models for Network Firewalls - Centralized and Distributed. Centralized deployment model create one central firewall in a central inspection VPC. All traffic from VPCs will then come to this central VPC for traffic inspection. Distributed deployment model creates one firewall in each of your VPCs and traffic is inspected at VPC level. There is also a hybrid method where, you create a central inspection VPC for baseline protection while some VPCs have additional local inspection.

Please refer to https://aws.amazon.com/blogs/networking-and-content-delivery/deployment-models-for-aws-network-firewall/ for detailed explanation of deployment models.

AWS
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions