Network Firewall


Using network firewall, shall we get a centralized ingress & egress traffic filtering management option for VPC level as well as subnet level ? or we need to create a network firewall for each VPC to manage ?

asked 2 years ago397 views
1 Answer

Firewall Manager support 2 deployment models for Network Firewalls - Centralized and Distributed. Centralized deployment model create one central firewall in a central inspection VPC. All traffic from VPCs will then come to this central VPC for traffic inspection. Distributed deployment model creates one firewall in each of your VPCs and traffic is inspected at VPC level. There is also a hybrid method where, you create a central inspection VPC for baseline protection while some VPCs have additional local inspection.

Please refer to for detailed explanation of deployment models.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions