What is our primary use case?
I manage the AWS Cloud infrastructure for my organization and I use the Amazon firewall.
We have developed a couple of portals related to the HR industry, in particular the recruitment. As part of it, we have used all of the services required to deploy a typical job portal, starting from route managers. We have DNS servers, web servers, app servers, database servers, and S3 buckets. We also perform API calls from the file services.
I have managed different instances of the firewall and this solution is another layer that helps me with centralized management. We do not concern ourselves with analysis and the determination of root cause when problems occur.
How has it helped my organization?
This solution helps us better manage our firewalls and we were able to set up rules to block unwanted requests. This reduces the amount of traffic within our infrastructure.
We used to get traffic from unwanted locations, such as from countries where we do not have any users. This is now gone and we can monitor the status in real-time.
What is most valuable?
Once this solution is set up, we hardly have to touch it. We look at it to review the rules, perhaps on a yearly basis.
For a small-scale enterprise, AWS Firewall Manager is quite easy and sufficient.
Real-time logs are available.
The interface is simple to use.
What needs improvement?
My experience has been with small-scale infrastructure and it works very well.
For how long have I used the solution?
I have been using the AWS Firewall Manager for three or four years, but not on a regular basis.
What do I think about the stability of the solution?
Overall, this is a stable solution. We only look at it intermittently but so far, the performance has been satisfactory.
What do I think about the scalability of the solution?
Our user volume has not been high enough to the point where we needed to scale to the next level. We only manage two or three servers and it has been sufficient. We have not had an issue such as a new server that we immediately needed to back up. I expect that our current setup will work for at least the next two or three years.
How are customer service and technical support?
I have not contacted technical support in relation to this product because the vendor assisted me. AWS support is quite responsive and gives proper guidance to help get things set up. I would say that they are pretty helpful, and the response time was within a couple of hours. This is good because we do not have paid support.
The community support is good. A lot of people have written articles about the rules and default settings, making it easy to learn and set up for the first time.
Which solution did I use previously and why did I switch?
I have not used other firewall managers in the past. I have worked with other firewall instances but not with a solution to centrally manage them.
How was the initial setup?
I was not part of the initial setup. The deployment took approximately one and a half months for all of our services. This was not just the Firewall Manager or the firewalls themselves, but everything including the servers and domains.
It was mostly complete after three weeks but there was some confusion that slowed it down. For the most part, however, it went really quickly.
What about the implementation team?
We have an in-house technical team for deployment and maintenance but initially, we outsourced this to a third-party because it was new for us. Once they set up everything, I started learning about it, and gradually, we took over all of the services.
These days, I maintain it on my own.
What's my experience with pricing, setup cost, and licensing?
The licensing is on a pay-as-you-go basis and we are billed monthly. I think that the pricing is okay, given that we are saving on bandwidth and also protecting our servers against threats.
Support contracts are in addition to the standard licensing fees.
Which other solutions did I evaluate?
As we were already using AWS services, we did not look for another management solution. I am aware of some open-source products but it made sense to implement this one directly.
What other advice do I have?
Currently, the AWS Firewall Manager is sufficient for our needs because we don't use any software that will generate massive loads of traffic.
My advice for anybody who is considering the AWS Firewall Manager is that it is pretty simple to set up and easy to use. I rarely have to look at it.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)