I set a goal for my security team this year - Simplify, and then add lightness - just like Colin Chapman said. With this in mind, we are changing our firewall at the office, as we now run almost all our services in AWS. Would someone here have a sample or template for a firewall configuration specification that I could use as a starting point please?

Question

I set a goal for my security team this year - Simplify, and then add lightness - just like Colin Chapman said.  With this in mind, we are changing our firewall at the office, as we now run almost all our services in AWS.  Would someone here have a sample or template for a firewall configuration specification that I could use as a starting point please?

Answer

You can try the following links for the template.https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.htmlhttps://asecure.cloud/a/NetworkFirewall/

Answer

The answer, as usual, is: it depends. If you have a site-to-site VPN to their AWS environment, Amazon provides very clear templates for a variety of firewall platforms. If you are using Direct Connect, then it's just a matter of setting up the right routes. I think much more detail is needed before a question like this can be answered. Hope this helps.

Answer

This is out of my wheel house by a decade or more.  However in my experience you can get a very good starting point from the hardware vendor.  We were using CISCO a lot and I always started with their examples as a starting point and turned it from there to open or close off more services.

Answer

Hi! Without too much information, I would advise to review the AWS Security best practices https://docs.aws.amazon.com/vpc/latest/userguide/security.html and apply the principles based on the company’s needs. One recommendation for replacement or SaaS, FortiGate has a great service and value currently.