Cloud Option Engineer at a tech vendor with 10,001+ employees
Real User
Top 5
Dec 8, 2025
One area for improvement is the reporting and customization options. The compliance reports are helpful, but having more granular insights or export options would make it even easier to use during audits. Also, support for more third-party integrations could improve flexibility. Another improvement I need to see is a smoother setup experience. Some of the initial configuration steps, especially around the organization and permissions, can feel complex. A more guided setup or clear UI explanation would make it easier for teams to adopt quickly. One more improvement would be better alerting options. Right now, we mostly rely on AWS Security Hub or CloudWatch for detailed alerts. Having more built-in, real-time notifications directly from AWS Firewall Manager would make it easier to monitor policy violations without extra setup.
The areas of improvement are definitely platform resiliency, as we have seen outages on the AWS backbone, and whenever there is an outage on the AWS backbone, it impacts all the services hosted in that region, so we expect regional resiliency. AWS licenses in general are expensive, as the overall suite of services that we buy from AWS goes in the range of tens of millions of dollars. The services we get are value for money; AWS has a pay-as-you-go model, which is what we generally consume.
I don't see any specific problems with AWS Firewall Manager, but the area of improvement could be in threat intelligence integration. For instance, while I'm not specifically saying Mandiant, which is a threat intelligence tool now acquired by Google, I believe better integration with available threat intelligence in the market should be possible with AWS Firewall Manager.
Senior security engineer at a media company with 1,001-5,000 employees
Real User
Top 10
Jul 9, 2024
The product could benefit from improvements in the user interface and integration capabilities. Future releases would benefit from additional features, such as advanced reporting tools and improved support for multi-cloud environments.
They could consider organizing and enhancing documentation in a more structured and chronological manner. The goal would be to transform it into a live documentation resource that we frequently rely on when encountering errors. Currently, when we run into issues, our first instinct is to perform a Google search to find relevant information. It might be more efficient if we could align our documentation with specific sections or categories, such as error types or network-related topics, which would ultimately lead to better issue detection and resolution.
I would like to see AWS add some UTM features to the firewall. It would also be great if AWS Firewall had native IPS/IDS. They have the separate IPS/IDS, GuardDuty.
Principal Security Architect at a manufacturing company with 10,001+ employees
Real User
May 14, 2020
The logging needs improvement. The Firewall Manager logs are fine but when it comes to the actual logs for the firewall, that's where there is a problem. Enabling and configuring the logging is not that straightforward.
Presales at a tech services company with 1,001-5,000 employees
Real User
Mar 29, 2020
In AWS, there are so many features that many users get confused about what to use and what not to use. For example, AWS Firewall Manager has perhaps 100 features but only a maximum of 15 to 20 would be generally used. I would say that 80% of the features confuse the users, which makes the system more complicated than it needs to be. The price of this solution could be reduced. The system should be more customizable.
AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization. As new applications are created, Firewall Manager makes it easy to bring new applications and resources into compliance by enforcing a common set of security rules. Now you have a single service to build firewall rules, create security policies, and enforce them in a consistent, hierarchical manner across your...
AWS Firewall Manager should be open to manage other third-party appliances as well.
AWS Firewall Manager could provide more automation. It needs to be more employee-friendly, and the security management could be more efficient.
My experience has been with small-scale infrastructure and it works very well.