With AWS Firewall Manager, you now have a single service to create firewall protection policies and enforce them consistently across your Application Load Balancer and Amazon CloudFront infrastructure. For example, if you are required to meet US Department of Treasury’s Office of Foreign Assets Control (OFAC) regulations, you can use Firewall Manager to deploy a rule blocking traffic from embargoed countries across your Application Load Balancer and CloudFront accounts. Firewall Manager supports your custom WAF rules as well as Managed Rules for WAF, which are provided and updated by an AWS Marketplace security vendor of your choice. Now, your security team can be notified of threats so they can respond and rapidly mitigate an attack.
AWS Firewall Manager is available to organizations that are subscribed to AWS Shield Advanced at no additional charge and only pay for the underlying AWS Config Rules created. For AWS WAF and AWS Shield Standard customers, AWS Firewall Manager has a monthly fee for each protection policy created per Region. AWS WAF and AWS Shield Standard customers also pay for the underlying AWS resources managed or created by AWS Firewall Manager, which include AWS WAF WebACLs, AWS WAF Rules, and AWS Config Rules.
AWS Firewall Manager is available in US East (N. Virginia), US West (Oregon), and globally on all Amazon CloudFront edge locations. To learn more about Firewall Manager, visit AWS Firewall Manager.