Amazon Network Firewall launches support for Active Threat Defense

Posted on: Jun 17, 2025

Amazon Network Firewall now offers active threat defense, a new security feature that helps you protect your Amazon Virtual Private Cloud (VPC) workloads against threat activities observed across Amazon Web Services infrastructure using Amazon Web Services threat intelligence.

Amazon Network Firewall with active threat defense provides automated, intelligence-driven protection against dynamic, ongoing threat activities observed across Amazon Web Services infrastructure. Once the feature is enabled, you can configure the managed rule group to automatically block suspicious traffic, such as command-and-control (C2) communication, embedded URLs, and malicious domains. The feature provides protection by continuously updating rules based on current threat activity. Amazon Network Firewall offers improved visibility for active threat defense rule groups, allowing you to see the indicator groups, types, and threat names you're protected against. If you are also an Amazon GuardDuty customer, related threat intelligence findings are marked with the threat list name “Amazon Active Threat Defense” going forward. These active threats can be automatically blocked by using the active threat defense managed rule group on Amazon Network Firewall.

To get started with Amazon Network Firewall with active threat defense, visit the Amazon Network Firewall console or refer to our documentation. This feature is available in all Amazon Web Services Regions where Amazon Network Firewall is available today, including the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. For more information about Amazon Network Firewall and its features, please visit the Amazon Network Firewall product page.