AWS Firewall Manager Reviews

My main use case for AWS Firewall Manager is centrally managing and enforcing security policies across multiple AWS accounts. It helps me to ensure consistent WAF rules, security group policies, and Shield Advanced protections. Instead of configuring each account manually, AWS Firewall Manager lets us apply global policies from one place, improving compliance, reducing configuration errors, and speeding up security operations.

For example, I used AWS Firewall Manager to enforce a mandatory WAF rule across all of our application accounts. Whenever a new account was created in our AWS Organization, AWS Firewall Manager automatically applied the same baseline WAF policy, including SQL injection and XSS protection, without any manual setup. This ensured every workload met our security standards from day one.

AWS Firewall Manager also gives us clear visibility into non-compliant resources. If any account deviates from the required security group or WAF rules, it immediately flags it, so we can fix the issues quickly and maintain consistent security across the environment.

The best features for me are the centralized policy management, automatic policy enforcement on new accounts, and built-in compliance reporting. It also integrates well with AWS WAF, Shield Advanced, and security groups, making it easy to maintain consistent security across all the environments.

Automatic policy enforcement has had the biggest impact on my day-to-day work. It removes manual configuration, ensures every new account is secured by default, and saves a lot of time by reducing repetitive setup tasks. It also prevents misconfigurations, so I spend less time troubleshooting.

The built-in compliance dashboard is more useful than many people realize. It quickly highlights which accounts or resources are out of policy, so you can fix the issues before they become big risks. It is a simple feature, but it gives a lot more visibility across large environments.

AWS Firewall Manager has had a positive impact on my organization. The biggest improvement is consistency. Every account follows the same security standards automatically. It also reduced the time we spend on manual reviews and fixed a lot of configuration drift issues. Overall, it improved our security posture and made audits much easier.

Roughly, I have saved about 30 to 40 percent of the time I used to spend manually reviewing security policies across the accounts. Earlier, the audits required days of checking configurations, but with AWS Firewall Manager compliance reports, I cut down to just a few hours. Even though these are estimates, the reduction in manual work has been very noticeable.

One area for improvement is the reporting and customization option. The compliance reports are helpful, but having more granular insights or export options would make it even easier to use during audits. Also, support for more third-party integration could improve flexibility.

Another improvement I need to see is a smoother setup experience. Some of the initial configuration steps, especially around the organization and permissions, can feel complex. A more guided setup or clear UI explanation would make it easier for teams to adopt quickly.

One more improvement would be better alerting options. Right now, we mostly rely on AWS Security Hub or CloudWatch for detailed alerts. Having more built-in, real-time notification directly from AWS Firewall Manager would make it easier to monitor policy violations without extra setup.

I have been using AWS Firewall Manager for the last three years.

AWS Firewall Manager has been very stable in my experience. Policies are consistently applied across accounts. I have not faced any downtime or major issues with enforcement. It is reliable for day-to-day security management.

AWS Firewall Manager scales very well. It can manage security policies across dozens of accounts in our AWS Organization without performance issues. It automatically applies policies to new accounts and handles growth seamlessly.

We have interacted with AWS support a few times regarding AWS Firewall Manager. Their responses have been timely and helpful, providing clear guidance on configuration and best practices. Overall, the support experience has been positive and reliable.

Negative

We previously managed WAF rules and security groups manually across each account. We switched to AWS Firewall Manager because it allows centralized policy management, automatic enforcement on new accounts, and better visibility into compliance, something manual processes could not provide at scale.

My experience with pricing, setup cost, and licensing for AWS Firewall Manager has been straightforward. There is no separate licensing cost for AWS Firewall Manager itself. It is included with AWS services like WAF and Shield Advanced. Setup is mostly configuration-based, so the main cost of its resources is the policies it protects, not the service itself. Overall, it is predictable and easy to manage.

We have seen a clear return in investment. Roughly, we have saved around 30 to 40 percent of the time previously spent manually managing security policies across accounts. That translates into fewer hours needed from the security team and faster audits, which indirectly reduces the cost. Even without exact numbers, the efficiency and consistency gains have been sufficient.

My experience with pricing, setup cost, and licensing for AWS Firewall Manager has been straightforward. There is no separate licensing cost for AWS Firewall Manager itself. It is included with AWS services like WAF and Shield Advanced. Setup is mostly configuration-based, so the main cost of its resources is the policies it protects, not the service itself. Overall, it is predictable and easy to manage.

We evaluated other options including manual account-level management and some third-party firewall management tools. We chose AWS Firewall Manager because it integrates natively with AWS services, automates policy enforcement across accounts, and provides centralized compliance reporting, which matched our requirements best.

AWS Firewall Manager is deployed in our organization, and it runs entirely in our public cloud environment within AWS. We use it across all accounts in our AWS Organization.

AWS Firewall Manager directly runs on AWS, so AWS is the cloud provider we use it for.

We did not purchase it through AWS Marketplace. AWS Firewall Manager is a native AWS service, so we enabled and configured it directly within our AWS account.

I would advise planning your security policies carefully before enabling AWS Firewall Manager. Take advantage of its centralized management and automatic enforcement, but ensure your AWS Organization structure and permissions are correct. This makes adoption smoother and prevents misconfigurations.

Overall, AWS Firewall Manager has significantly improved our security consistency and reduced manual work. While there is room for improvements in reporting and alerting, it is a very effective tool for managing security at scale in AWS. I would rate this product as an 8 out of 10.

My primary use case for AWS Firewall Manager is to centrally manage and enforce security policies across the multiple AWS accounts and resources within our organization. It helps to streamline the firewall rules deployment and ensure consistent protection across the environment without manual intervention. I use AWS Firewall Manager to implement and maintain security controls such as AWS WAF rules and protect web applications against common threats like SQL injection and XSS attacks.

In my project, we use AWS Firewall Manager to centrally enforce AWS WAF rules across multiple accounts hosting web applications during a spike in malicious traffic. We quickly update the WAF policy once, and it automatically applies to all accounts. This helps block threats such as SQL injection and significantly reduces manual efforts while improving our overall security posture.

Day-to-day, I mainly use AWS Firewall Manager for monitoring policy and compliance and ensuring all new resources automatically inherit the security rules. It helps to reduce manual work by continuously enforcing WAF and security group policies across the account and quickly identifying any non-compliant configurations.

The best features of AWS Firewall Manager are centralized policy management and automatic enforcement of the security rules across multiple accounts, seamless integration with services such as AWS WAF and Shield, and security groups. It also provides continuous compliance monitoring with alerts and support and auto-remediation for non-compliant resources and ensures new resources are automatically protected.

The most valuable feature for me is centralized policy management with auto-remediation. It saves a lot of time by automatically applying and enforcing security rules across all accounts, so I do not have to manage any resources manually. It also quickly detects and fixes non-compliant configurations, which helps maintain consistent security and reduce the risk of misconfiguration in day-to-day operations.

AWS Firewall Manager has positively impacted our organization by improving our overall security posture by reducing manual effort. It allows us to enforce consistent security policies across all accounts, quickly detect and remediate misconfigurations, and respond faster to threats.

After implementing AWS Firewall Manager, we reduced our manual security configuration effort by around sixty to seventy percent as the policies are now centralized, managed, and automatically enforced. We see a negligible drop in security misconfigurations and incidents since non-compliant resources are quickly identified and remediated. Overall response time to threats improves significantly and onboarding new accounts becomes much faster and more secure.

AWS Firewall Manager could be improved with more granular policy customization for better visibility through enhanced dashboards and reporting. Simplifying the initial setup and providing clearer documentation would also help new users to onboard faster.

Improving the user interface and providing more detailed real-time insights would make it easier to manage and troubleshoot policies. Adding more flexible policy control and better cross-region visibility would also enhance usability, especially in large-scale environments.

I have been working in my current field for almost fourteen years.

AWS Firewall Manager has been very stable in our experience. It consistently enforces policies without interruption, and we have not faced any major reliability issues.

AWS Firewall Manager is highly scalable. It easily handles growth across multiple accounts and regions by automatically applying policies and protecting new resources.

Customer support has been good overall. AWS provides timely responses through support plans, and their documentation and knowledge base are very helpful. For complex issues, their support system is responsive and provides effective solutions. I would rate the customer support around eight out of ten. They are responsive and helpful, but response times for complex issues can sometimes be improved.

We previously relied on manual security group management and some third-party tools. We switched to AWS Firewall Manager to achieve centralized control, better automation, and seamless integration with AWS services.

We have seen a clear return on investment. By automating policy enforcement, we reduce manual effort by around sixty percent, which has saved significant engineering time. We also see fewer security incidents and misconfigurations, reducing potential risk and downtime. Overall, it helps optimize resources.

The pricing is reasonable and follows a pay-as-you-go model, which makes it cost-effective for scaling the environment. There is no significant setup cost since the native AWS services and licensing is straightforward and integrated into AWS billing. Overall, it provides good value considering the automation, security benefits, and efforts.

We evaluated some third-party firewall and security solutions, including tools such as Palo Alto Prisma Cloud and Check Point CloudGuard. However, we chose AWS Firewall Manager due to its native integration with AWS, centralized management capabilities, and lower operational complexity.

My advice would be to properly plan the policy structure before deployment and leverage automation to its full potential. Also, monitor policies regularly and use logging and alerts to ensure compliance and visibility.

Overall, AWS Firewall Manager is a reliable and efficient solution for managing security at scale. It significantly simplifies policy enforcement and improves consistency across the environment. With a few enhancements in usability and visibility, it can become an even more powerful tool for cloud security management. I would rate this product nine out of ten.

We host our applications on the AWS platform, and to secure our boundaries, we are using AWS Firewall Manager, Web Application Firewall, and AWS Shield Advanced.

We work with the compliance monitoring capability in AWS Firewall Manager, and my firm has one level of additional layer of security over the compliance management that AWS Firewall Manager provides, so we implement both of them.

It is helpful for our compliance, as the compliance manager manages compliance with leading industry standards such as FedRAMP, which my company complies with, GDPR laws, and ISO 27001.

It has an impact on our security policies because it has an inheritance rule where anything implemented on AWS Firewall Manager gets overridden on AWS Organizations, which works on the concept of root organization units.

I would assess this feature positively, as we have integrated AWS Firewall Manager with GuardDuty, which provides real-time threat detection and alerts to our teams.

The areas of improvement are definitely platform resiliency, as we have seen outages on the AWS backbone, and whenever there is an outage on the AWS backbone, it impacts all the services hosted on that region, so we expect regional resiliency.

AWS licenses in general are expensive, as the overall suite of services that we buy from AWS goes in the range of tens of million dollars. The services we get are value for money; AWS has a pay-as-you-go model, which is what we generally consume.

I have been dealing with AWS Firewall Manager for more than five years.

I have no complaints about AWS, and the solution is really stable.

The support from AWS has been excellent with 24/7 assistance, and because we have availed special services from them, we have 24/7 assistance for any outages that happen in any region.

Positive

In my previous firm, we were partners, but in this current firm, we are more on the consumer side.

There is no problem in installing, as they have a management console, and everything is at the click of a radio button; you just need to know which service your consumer wants, and you can instantiate it right away.

AWS licenses in general are expensive, as the overall suite of services that we buy from AWS goes in the range of tens of million dollars. The services we get are value for money; AWS has a pay-as-you-go model, which is what we generally consume.

There is a difference between AWS, Microsoft, and other vendors Google or Dell. I have been closely working with Microsoft and Azure, and my observations are that AWS is more stable in terms of service operations compared to Azure, which is more prone to outages and incidents.

We consume their services and are not a service providing company. I am an IT auditor and work with AWS and Microsoft on a daily basis, with some experience with Dell APEX infrastructure. We integrate the solution with WAF and Shield Advanced for effective protection. We use Terraform in conjunction with Sentinel to implement automation to AWS Cloud policies instead of CloudFormation. We utilize Terraform infrastructure as code to deploy any AWS or Azure service. We purchase AWS Firewall Manager directly from AWS Marketplace as we are one of their large customers.

On a scale from one to ten, I rate AWS Firewall Manager a nine.

The major use case for AWS Firewall Manager is to deploy firewalls in front of the products we expose to the internet in our Kubernetes clusters and AKS clusters, ensuring we block DDoS attacks and only allow specific IP addresses.

The vendors which we deal with deploy products within their Kubernetes clusters, and we want to ensure that suspicious IPs and non-reputed IPs are getting blocked. We use AWS Firewall Manager to ensure the rules are centralized because it is not just one firewall we are going to use; we are going to use multiple different firewalls, and we use AWS Firewall Manager to ensure it's centrally managed.

We work with compliance monitoring in the product, which is helpful for identifying framework-based misconfigurations, as it can tell you where to deploy firewall policies based on the frameworks. This is especially useful for ensuring compliance within our organization.

The real-time visibility feature in AWS Firewall Manager helps identify potential security threats, and the visibility aspect is good. While there could be areas of improvement, I don't think anything needs to change at this point.

I don't see any specific problems with AWS Firewall Manager, but the area of improvement could be in threat intelligence integration. For instance, while I'm not specifically saying Mandiant, which is a threat intelligence tool now acquired by Google, I believe better integration with available threat intelligence in the market should be possible with AWS Firewall Manager.

We have AWS Firewall Manager only in the public cloud for now.

I haven't seen any problems with the stability of AWS Firewall Manager so far; it's performing well.

It is easy to scale AWS Firewall Manager; there are no limitations on scalability.

I would rate AWS support between seven to eight; the support is good, although cost matters. I don't see much difference compared to Azure, as both use multiple vendors for support, but I find AWS support to be better.

Positive

I have worked with Azure Firewall from Microsoft, which has similar features, but the threat intelligence could be better there as well. I don't see a significant difference between the products to label one as good and the other as bad; I don't find them very different.

The installation of AWS Firewall Manager is easy and not difficult.

We did not purchase AWS Firewall Manager through AWS Marketplace, as we go with reselling vendors.

Microsoft Firewall costs depend on region-based pricing. I don't recall the exact costs because we usually don't get the costing for the firewall alone but rather for the entire product we use, so I haven't made a direct comparison.

I have not compared AWS WAF with any other WAF solution yet, but whatever WAF you choose, there will always be challenges, and it cannot block all malicious traffic. For AWS WAF, we have seen cases where it allowed suspicious HTTPS headers even if they carried malicious payloads. However, the malicious payloads are not straightforward, and there are assembly scripts that come with the HTTP headers that sometimes AWS WAF misses. In the last four or five years, we have seen a case where WAF was unable to capture a threat. On the other hand, we also see alerts from WAF indicating that it has figured out many DDoS protection alerts and was able to block them, even with rate limiting.

Rule-based WAF works perfectly fine, but I don't think any threat intelligence-based WAF solutions can be 100% accurate. The integration with AWS Organizations and enforcement of security policies, particularly SCP, is difficult to deploy in most of my companies due to client environments. When I say difficult, it depends on the client's organization processes, not AWS itself. The SCP feature is excellent in my view and is the best way to reduce the attack surface for organizations structured in a specific manner. While we have used it internally, limited features of SCPs can be utilized by customers.

Regarding automating security policy deployment, we have utilized automated security policy features, but it is difficult in some instances. We have identified what has been identified, but enabling automated SCP policies can be restrictive, which is actually good but makes it hard to implement for all organizations. Automating security policy features could understand the customer's environment better. An AI- or ML-enabled automated SCP could be a better option since it can understand the actions of administrators or developers in the customer's organization within the AWS platform, providing more in-depth automated assessments and SCP features.

I rate this solution 8 out of 10.

Our primary use case involves managing cloud infrastructure and automating deployment processes. The environment comprises a hybrid cloud setup integrating both on-premises and cloud-based resources.

The solution has notably increased our operational efficiency and reduced the need for manual intervention. It has streamlined our deployment processes and offered enhanced scalability, contributing to overall productivity.

The most valuable features include auto-scaling and detailed analytics. These features are essential because they enable us to manage varying workloads effectively and make informed decisions based on real-time data.

The product could benefit from improvements in the user interface and integration capabilities. 

Future releases would benefit from additional features, such as advanced reporting tools and improved support for multi-cloud environments.

We have been using AWS Firewall Manager for approximately six months.

The product is highly reliable.

The product's scalability is excellent. It adapts well to varying workloads and effectively handles increased demand.

The technical support team provides prompt responses and helpful assistance in resolving issues.

We previously used another solution. We switched because the previous option lacked certain features and exhibited scalability issues.

The initial setup was complex, particularly regarding configuring integrations and migrating existing data.

We implemented the product with the help of a vendor. 

We evaluated other options.

Stay updated with the solution's new releases and leverage customer support when necessary.

I rate it an eight. 

I use AWS Firewall Manager primarily for cybersecurity solutions, particularly for AWS Firewall Manager.

AWS Firewall Manager can be the control plane for multiple deployed applications like CloudFront and any other network firewall, BPF, and VPC. Everything can be managed with one dashboard. It reduces the time needed for security management tasks.

The most valuable feature is scaling, which allows you to deploy one configuration and scan and deploy it across the network. The automated policy application feature also streamlines security operations.

AWS Firewall Manager should be open to manage other third-party appliances as well.

I have three to five years of experience working with AWS Firewall Manager.

I rate the stability of the solution as high. It deserves a ten out of ten.

The scalability of the solution is high.

I rate AWS technical support as a ten out of ten.

Positive

I have experience working with other IT solutions like Check Point and Barracuda CloudGen Firewall, but the focus here is on AWS Firewall Manager.

The initial setup is easy. I would rate it as eight out of ten.

I implement the AWS Firewall Manager solution myself. I am certified and I also teach.

On a scale of one to ten, I would rate the pricing for AWS Firewall Manager as seven, where one is cheap and ten is expensive.

I would recommend AWS Firewall Manager due to its excellent features and benefits.

We primarily use it for the file transfer aspect of our operations. We establish connections with vendor sites, specifically their file transfer servers, and engage in a substantial volume of file transfers to and from these sites. Vendors also utilize various applications to connect with our internal systems, and when they need to connect to specific components of our internal applications, we use the firewall to manage and regulate these connections. Essentially, the firewall comes into play when we want to restrict access to certain parts of our internal infrastructure.

The most valuable feature is its user-friendly interface. It allows us to navigate and grasp the fundamental concepts relatively easily. Once we have a solid foundation, we can then delve into the documented resources that are exceptionally well-structured. Also, the strength of the community is invaluable. In any software journey, encountering challenges is inevitable, and it is quite beneficial how swiftly we can address and resolve these issues with the support of the community.

They could consider organizing and enhancing documentation in a more structured and chronological manner. The goal would be to transform it into a live documentation resource that we frequently rely on when encountering errors. Currently, when we run into issues, our first instinct is to perform a Google search to find relevant information. It might be more efficient if we could align our documentation with specific sections or categories, such as error types or network-related topics which would ultimately lead to better issue detection and resolution.

It's been around fourteen to fifteen months since we made the complete transition to AWS from our on-premises environment.

It provides good stability features. I would rate it eight out of ten.

The option to scale up is undoubtedly available. I would rate it eight out of ten.

Their customer support is highly effective. I would rate it eight out of ten.

Positive

The initial setup was completed quite swiftly and satisfactorily. I would rate it seven out of ten.

The deployment process took a few weeks to be completed.

Regarding the pricing aspect, I'm not involved in that area. From what I've heard from my colleagues, it appears that the pricing is competitive, which influenced our decision to choose this option.

Prior to choosing it, it's essential to grasp the AWS landscape and assess how the application could bring benefits to the organization. I would rate it eight out of ten.

We use the product to block IPs and portals generating unusual server traffic.

The product is easy to manage. It has centralized cloud firewall management rules. It provides compliance in tracking and reporting.

AWS Firewall Manager could provide more automation. It needs to be more employee-friendly, and the security management could be more efficient.

We have been using AWS Firewall Manager for a few months. We use the latest version.

It is a stable product. I rate its stability a ten out of ten.

I rate the scalability of the product a seven out of ten.

The initial setup is easy. I rate the process a nine out of ten. If the POC is ready, it takes a few hours to implement and requires one executive to work on it.

They provide cost governance plans. We can choose a plan to suit our business requirements. It is a cost-efficient product.

I rate AWS Firewall Manager an eight out of ten. There is a scope for improvement for automaton features while handling infrastructure platforms.

We control traffic through Firewall Manager. You can set up security access groups and create a whitelist for some servers. We connect to a VPN in the office and our cloud instances. Then we whitelist the office IP through a security access group. We connect the instances to the servers and access the rest of the machines or servers. 

AWS Firewall Manager isn't a separate solution when you create the virtual private cloud (VPC), so you can control the traffic through that security group. 

I would like to see AWS add some UTM features to the firewall. It would also be great if AWS Firewall had native IPS/IDS. They have the separate IPS/IDS, GuardDuty. 

I worked in a data center, but I switched jobs in 2019. I've been working on AWS since then.

AWS Firewall Manager is stable. We haven't had any issues thus far. 

AWS Firewall Manager is scalable.

AWS support is good. Their team is responsive. I created a ticket when I attempted to upgrade the firewall to small. I asked if it was possible, and they told me it wasn't. You can only upgrade to what you have purchased on the marketplace. 

AWS Firewall Manager doesn't have all the features Fortinet has, such as UTM, antivirus, IPS/IDS, and web filtering application control, but we have other products for those purposes. AWS has Web Application Firewall and GuardDuty for IPS/IDS functions. That's the fundamental difference between AWS Firewall and Fortinet FortiGate UTM. AWS Firewall Manager is a standard firewall that just filters traffic.

A firewall is built into the VPC, so we don't pay extra, but AWS is costly in general. It's expensive to use the instances and other services.

I rate AWS Firewall Manager seven out of 10. If you don't have another firewall deployed in your environment, there is only one way to control the traffic through the integrated firewall or security groups. I would rate it higher if they added UTM features.

I manage the AWS Cloud infrastructure for my organization and I use the Amazon firewall.

We have developed a couple of portals related to the HR industry, in particular the recruitment. As part of it, we have used all of the services required to deploy a typical job portal, starting from route managers. We have DNS servers, web servers, app servers, database servers, and S3 buckets. We also perform API calls from the file services.

I have managed different instances of the firewall and this solution is another layer that helps me with centralized management. We do not concern ourselves with analysis and the determination of root cause when problems occur.

This solution helps us better manage our firewalls and we were able to set up rules to block unwanted requests. This reduces the amount of traffic within our infrastructure.

We used to get traffic from unwanted locations, such as from countries where we do not have any users. This is now gone and we can monitor the status in real-time.

Once this solution is set up, we hardly have to touch it. We look at it to review the rules, perhaps on a yearly basis.

For a small-scale enterprise, AWS Firewall Manager is quite easy and sufficient.

Real-time logs are available.

The interface is simple to use.

My experience has been with small-scale infrastructure and it works very well.

I have been using the AWS Firewall Manager for three or four years, but not on a regular basis.

Overall, this is a stable solution. We only look at it intermittently but so far, the performance has been satisfactory. 

Our user volume has not been high enough to the point where we needed to scale to the next level. We only manage two or three servers and it has been sufficient. We have not had an issue such as a new server that we immediately needed to back up. I expect that our current setup will work for at least the next two or three years.

I have not contacted technical support in relation to this product because the vendor assisted me. AWS support is quite responsive and gives proper guidance to help get things set up. I would say that they are pretty helpful, and the response time was within a couple of hours. This is good because we do not have paid support.

The community support is good. A lot of people have written articles about the rules and default settings, making it easy to learn and set up for the first time.

I have not used other firewall managers in the past. I have worked with other firewall instances but not with a solution to centrally manage them.

I was not part of the initial setup. The deployment took approximately one and a half months for all of our services. This was not just the Firewall Manager or the firewalls themselves, but everything including the servers and domains.

It was mostly complete after three weeks but there was some confusion that slowed it down. For the most part, however, it went really quickly.

We have an in-house technical team for deployment and maintenance but initially, we outsourced this to a third-party because it was new for us. Once they set up everything, I started learning about it, and gradually, we took over all of the services.

These days, I maintain it on my own.

The licensing is on a pay-as-you-go basis and we are billed monthly. I think that the pricing is okay, given that we are saving on bandwidth and also protecting our servers against threats.

Support contracts are in addition to the standard licensing fees.

As we were already using AWS services, we did not look for another management solution. I am aware of some open-source products but it made sense to implement this one directly.

Currently, the AWS Firewall Manager is sufficient for our needs because we don't use any software that will generate massive loads of traffic.

My advice for anybody who is considering the AWS Firewall Manager is that it is pretty simple to set up and easy to use. I rarely have to look at it.

I would rate this solution an eight out of ten.