Member June 25, 2020 at 5:51 pm
The Firewall Manager definition says that it is a “security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization.”
Does it mean it helps us to create the ACL? What does the word “configure” mean in this context?
Member June 25, 2020 at 8:24 pm
Thanks for the feedback.
From your question, the definition was taken from the AWS Firewall Manager page, https://aws.amazon.com/firewall-manager/
When it comes to the exam and real-world scenarios, instead of studying for definitions, it’s better to understand how the service works and which scenarios fit the use cases of the service.
AWS Firewall Manager is a security management tool that makes it easier for you to configure your AWS WAF rules across your accounts. With Firewall Manager, security administrators of large organizations can write company-wide rules from one place, enforce them across applications protected by AWS WAF, and get the central visibility of attacks against your Application Load Balancers and Amazon CloudFront infrastructure.
The usual NACLs (Network Access Control Lists) are for use within VPCs only. AWS Firewall Manager takes ACL to the next level, which allows you to create ACL rules and then apply them across all accounts under your Organization.
Another good example of a real-world scenario for it is when you use CloudFront for your application. But when you use CloudFront, your application will be accessible publicly worldwide. If you want to restrict the IP addresses that can access your CloudFront distribution, you can configure your ACL and apply it to your CloudFront distribution. The VPC NACL can’t be applied to CloudFront because it is outside the VPC.
Hope this helps.
Kenneth Samonte @ Tutorials Dojo
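
The CloudFront IP restriction described in the reply above, written out as AWS WAF (WAFv2) request parameters. This is an added example, not part of the original thread. The names, CIDR ranges and ARN are constructed placeholders, and the helper functions are hypothetical.

```python
import ipaddress

# Constructed sample values (documentation address ranges, placeholder ARN).
SAMPLE_CIDRS = ["203.0.113.0/24", "198.51.100.16/28"]
SAMPLE_IP_SET_ARN = "arn:aws:wafv2:us-east-1:111122223333:global/ipset/office-ips/EXAMPLE-ID"

def build_ip_set(name, cidrs):
    """Parameters for wafv2 create_ip_set; rejects malformed or host-bit CIDRs."""
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    if any(n.version != 4 for n in nets):
        raise ValueError("this example builds an IPv4 set only")
    return {
        "Name": name,
        "Scope": "CLOUDFRONT",  # CloudFront-scoped WAF resources are managed in us-east-1
        "IPAddressVersion": "IPV4",
        "Addresses": [str(n) for n in nets],
    }

def _visibility(metric):
    return {"SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": metric}

def build_web_acl(name, ip_set_arn):
    """Parameters for wafv2 create_web_acl: block by default, allow only the IP set."""
    return {
        "Name": name,
        "Scope": "CLOUDFRONT",
        "DefaultAction": {"Block": {}},
        "Rules": [{
            "Name": "allow-listed-ips",
            "Priority": 0,
            "Statement": {"IPSetReferenceStatement": {"ARN": ip_set_arn}},
            "Action": {"Allow": {}},
            "VisibilityConfig": _visibility("allow-listed-ips"),
        }],
        "VisibilityConfig": _visibility(name),
    }

def would_allow(ip_set, client_ip):
    """Local dry run of the allow-list decision for one client address."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in ipaddress.ip_network(c) for c in ip_set["Addresses"])

# To create the resources, pass each dict to boto3:
#   waf = boto3.client("wafv2", region_name="us-east-1")
#   waf.create_ip_set(**build_ip_set(...)); waf.create_web_acl(**build_web_acl(...))
```

The ARN of the created web ACL is then set as the `WebACLId` of the CloudFront distribution's configuration.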