Posted On: Mar 2, 2025

Amazon Network Firewall now offers automated domain lists and insights, a feature that enhances visibility into network traffic and simplifies firewall rule configuration. This new capability analyzes HTTP and HTTPS traffic logs from the last 30 days and provides insights into frequently accessed domains, enabling quick rule creation based on observed network traffic patterns.

Many organizations now use allow-list policies to limit access to approved destinations only. Automated domain lists reduce the time and effort required to identify necessary domains, configure initial rules, and update allow lists as business needs change. This feature helps teams quickly identify legitimate traffic while maintaining a restrictive default stance, balancing security with operational efficiency.

This feature is supported in Amazon Web Services China (Beijing) Region, operated by Sinnet, and Amazon Web Services China (Ningxia) Region, operated by NWCD. There is no additional cost to generate automated domain lists on Amazon Network Firewall.

To get started, visit the Amazon Network Firewall console and enable analysis mode for your firewall. For more information, please refer to the Amazon Network Firewall service documentation.