
AWS Network Firewall Monitoring


AWS Network Firewall - Overview

AWS Network Firewall Monitoring in Applications Manager enables you to track the health, availability, and performance of your firewall resources deployed within Virtual Private Clouds (VPCs). With detailed metrics on firewall readiness, configuration sync state, traffic flow, packet drops, and TLS inspection, you can ensure that your network is secure, compliant, and functioning without disruptions. Continuous monitoring helps identify misconfigurations, detect anomalies in real time, and maintain high availability of critical applications running in your AWS environment.

Creating a new AWS Network Firewall monitor

To learn how to create a new AWS Network Firewall monitor, refer here.

Monitored Parameters

Go to the Monitors Category View by clicking the Monitors tab. Click on the AWS Network Firewall instance available under Amazon in the Cloud Apps section. The AWS Network Firewall bulk configuration view is displayed, organized into three tabs:

  • Availability tab shows the availability history for the past 24 hours or 30 days.
  • Performance tab shows health status and events for the past 24 hours or 30 days.
  • List view tab enables you to perform bulk admin configurations.

By clicking a monitor from the list, you'll be taken to the AWS Network Firewall dashboard which includes the following tabs:

Overview

| Parameter | Description |
| --- | --- |
| NETWORK FIREWALL INFORMATION | |
| Firewall Status | The readiness of the configured firewall to handle network traffic across all of the Availability Zones where you have it configured. This setting is READY only when the ConfigurationSyncStateSummary value is IN_SYNC and the Attachment Status values for all of the configured subnets are READY. Possible values: PROVISIONING, DELETING, READY. |
| Configuration Sync State | The configuration sync state for the firewall. This summarizes the Config settings in the SyncStates for this firewall status object. Possible values: PENDING, IN_SYNC, CAPACITY_CONSTRAINED. |
| Number of Associations | The number of VpcEndpointAssociation resources that use this firewall. |
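The readiness rule described for Firewall Status can be checked per Availability Zone to see exactly what is holding a firewall out of READY. This is an added example, not Applications Manager or AWS code: the dictionary is a constructed sample shaped like the FirewallStatus object returned by the DescribeFirewall API, the IDs are placeholders, and the function names are hypothetical.

```python
# Constructed sample shaped like the FirewallStatus object returned by the
# DescribeFirewall API; subnet IDs and the policy name are placeholders.
SAMPLE_STATUS = {
    "Status": "PROVISIONING",
    "ConfigurationSyncStateSummary": "PENDING",
    "SyncStates": {
        "us-east-1a": {
            "Attachment": {"SubnetId": "subnet-EXAMPLE1", "Status": "READY"},
            "Config": {"example-policy": {"SyncStatus": "IN_SYNC"}},
        },
        "us-east-1b": {
            "Attachment": {"SubnetId": "subnet-EXAMPLE2", "Status": "CREATING"},
            "Config": {"example-policy": {"SyncStatus": "PENDING"}},
        },
    },
}


def readiness_blockers(status):
    """List every condition that keeps the firewall from being READY."""
    blockers = []
    summary = status.get("ConfigurationSyncStateSummary")
    if summary != "IN_SYNC":
        blockers.append(f"ConfigurationSyncStateSummary is {summary}")
    for az, state in sorted(status.get("SyncStates", {}).items()):
        attachment = state.get("Attachment", {})
        if attachment.get("Status") != "READY":
            blockers.append(
                f"{az}: attachment {attachment.get('SubnetId')} is {attachment.get('Status')}")
        for name, cfg in sorted(state.get("Config", {}).items()):
            if cfg.get("SyncStatus") != "IN_SYNC":
                blockers.append(f"{az}: config {name} is {cfg.get('SyncStatus')}")
    return blockers


def evaluate(status):
    """Pair the reported Status with its blockers; flag READY with blockers."""
    blockers = readiness_blockers(status)
    reported = status.get("Status")
    return {
        "reported": reported,
        "blockers": blockers,
        # READY requires zero blockers, so READY plus blockers means stale data.
        "contradiction": reported == "READY" and bool(blockers),
    }


if __name__ == "__main__":
    print(evaluate(SAMPLE_STATUS))
```
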

Stateful

| Parameter | Description |
| --- | --- |
| PACKETS DROPPED PERCENTAGE (STATEFUL) | |
| Packets Dropped Percentage (Stateful) | Percentage of packets dropped in the stateful engine during the poll interval. |
| PACKETS REJECTED PERCENTAGE (STATEFUL) | |
| Packets Rejected Percentage (Stateful) | Percentage of packets rejected by the stateful engine during the poll interval. |
| STATEFUL PACKET FLOW | |
| Packets Received (Stateful) | Number of packets received by the firewall in the stateful engine during the poll interval. |
| Packets Dropped (Stateful) | Number of packets dropped due to rule actions in the stateful engine during the poll interval. |
| Packets Rejected (Stateful) | Number of packets rejected due to Reject stateful rule actions during the poll interval. |
| Packets Passed (Stateful) | Number of packets allowed through by the firewall in the stateful engine during the poll interval. |
| Stream Exception Policy Packets | Number of packets matching the firewall policy’s stream exception policy during the poll interval. |
| TLS PACKETS DROPPED PERCENTAGE | |
| TLS Packets Dropped Percentage | Percentage of SSL/TLS packets dropped during inspection during the poll interval. |
| TLS PACKETS REJECTED PERCENTAGE | |
| TLS Packets Rejected Percentage | Percentage of SSL/TLS packets rejected during inspection during the poll interval. |
| TLS ERRORS | |
| TLS Errors | Number of errors observed while inspecting SSL/TLS packets during the poll interval. |
| TLS CONNECTIONS TIMED OUT | |
| TLS Connections Timed Out | Number of SSL/TLS connections that timed out during inspection during the poll interval. |
| TLS FLOW | |
| TLS Packets Dropped Percentage | Percentage of SSL/TLS packets dropped during inspection during the poll interval. |
| TLS Packets Dropped | Number of packets dropped while inspecting SSL/TLS packets during the poll interval. |
| TLS Packets Rejected Percentage | Percentage of SSL/TLS packets rejected during inspection during the poll interval. |
| TLS Packets Rejected | Number of SSL/TLS packets rejected by Network Firewall during the poll interval. |
| TLS Packets Passed | Number of SSL/TLS packets passed by Network Firewall during the poll interval. |
| TLS Errors | Number of errors observed while inspecting SSL/TLS packets during the poll interval. |
| TLS Connections Timed Out | Number of SSL/TLS connections that timed out during inspection during the poll interval. |
| TLS CERTIFICATE VALIDATION | |
| TLS Connections - Revocation Status OK | Number of SSL/TLS connections to servers with certificates confirmed as not revoked during the poll interval. |
| TLS Connections - Revocation Status Revoked | Number of SSL/TLS connections to servers with certificates confirmed as revoked during the poll interval. |
| TLS Connections - Revocation Status Unknown | Number of SSL/TLS connections to servers with unknown certificate revocation status during the poll interval. |
 
Note: In the Stateful tab, line graph representations are available for the Packets Dropped Percentage (Stateful), Packets Rejected Percentage (Stateful), TLS Packets Dropped Percentage, TLS Packets Rejected Percentage, TLS Errors and TLS Connections Timed Out metrics.

Stateless

| Parameter | Description |
| --- | --- |
| OVERALL PACKETS DROPPED PERCENTAGE (STATELESS) | |
| Overall Packets Dropped Percentage (Stateless) | Percentage of total packets dropped in the stateless engine during the poll interval. |
| OVERALL PACKETS DROPPED (STATELESS) | |
| Overall Packets Dropped (Stateless) | Total number of packets dropped in the stateless engine, including dropped, invalid, and other categories, during the poll interval. |
| STATELESS PACKET FLOW | |
| Packets Received (Stateless) | Number of packets received by the firewall in the stateless engine during the poll interval. |
| Overall Packets Dropped Percentage (Stateless) | Percentage of total packets dropped in the stateless engine during the poll interval. |
| Overall Packets Dropped (Stateless) | Total number of packets dropped in the stateless engine, including dropped, invalid, and other categories, during the poll interval. |
| Packets Dropped (Stateless) | Number of packets dropped due to stateless rule actions during the poll interval. |
| Other Packets Dropped (Stateless) | Number of packets dropped due to reasons other than InvalidDroppedPackets or DroppedPackets, including throttled packets, during the poll interval. |
| Invalid Packets Dropped (Stateless) | Number of packets dropped for failing packet validation due to issues with the packet during the poll interval. |
| Packets Passed (Stateless) | Number of packets allowed through by the firewall in the stateless engine during the poll interval. |
| TLS Packets Received (Stateless) | Number of SSL/TLS packets received by the firewall during the poll interval. |
 
Note: In the Stateless tab, line graph representations are available for the Overall Packets Dropped Percentage (Stateless) and Overall Packets Dropped (Stateless) metrics.

Configuration

| Parameter | Description |
| --- | --- |
| Firewall ID | The unique identifier for the firewall. |
| VPC ID | The unique identifier of the VPC where the firewall is in use. |
| Firewall Policy Arn | The Amazon Resource Name (ARN) of the firewall policy. |
| Encryption Key Type | The type of AWS KMS key to use for encryption of your Network Firewall resources. Possible values: CUSTOMER_KMS, AWS_OWNED_KMS_KEY. |
| Encryption Key ID | The ID of the AWS Key Management Service (KMS) customer managed key. |
| Availability Zone Change Protection | A setting indicating whether the firewall is protected against changes to its Availability Zone configuration. |
| Firewall Policy Change Protection | A setting indicating whether the firewall is protected against a change to the firewall policy association. |
| Delete Protection | A flag indicating whether it is possible to delete the firewall. |
| Subnet Change Protection | A setting indicating whether the firewall is protected against changes to the subnet associations. |
