AWS includes open-source Suricata for stateful inspection with Network Firewall service
2020-11-19 19:10

Firewall Manager is a centralised service for configuring firewalls across accounts and applications within an AWS user organisation, an organisation being a way of managing multiple AWS accounts.

The new AWS Network Firewall moves beyond the existing services by adding more intelligent rules using the open-source Suricata project for intrusion detection.

"Network Firewall uses the open source intrusion prevention system, Suricata, for stateful inspection," say the AWS docs, though it is not just a Suricata installation and not all Suricata features are implemented.

The new service is integrated with AWS Firewall Manager and with the CloudWatch monitoring service; alternatively, admins can stream logging data to the Kinesis Data Firehose service for custom search and analysis.

Pricing for Microsoft's Firewall Premium is not stated, though the standard Azure Firewall service costs $1.25 per hour and $0.016 per GB - more expensive to deploy, but much less for processing than the new AWS service.


News URL

https://go.theregister.com/feed/www.theregister.com/2020/11/19/aws_adopts_open_source_suricata/