WebProNews

Tag: cloudwatch

  • AWS Network Firewall Unveiled to Help Protect VPCs

    AWS Network Firewall Unveiled to Help Protect VPCs

    AWS has unveiled the AWS Network Firewall in an effort to help customers protect their cloud-based virtual networks.

    AWS is currently the top cloud platform, with 31% of the cloud computing market. One of AWS’ biggest strengths is the breadth and depth of services the platform offers.

    The company is building on that with its latest announcement, AWS Network Firewall, “a high availability, managed network firewall service” for virtual private clouds (VPC). The new service complements the other firewall capabilities AWS currently provides, such as “Security Groups to protect Amazon Elastic Compute Cloud (EC2) instances, Network ACLs to protect Amazon Virtual Private Cloud (VPC) subnets, AWS Web Application Firewall (WAF) to protect web applications running on Amazon CloudFront, Application Load Balancer (ALB) or Amazon API Gateway, and AWS Shield to protect against Distributed Denial of Service (DDoS) attacks.”

    The AWS Network Firewall can be setup with just a few clicks, and the company touts its ability to scale as needed, eliminating the need to manage additional infrastructure.

    “With AWS Network Firewall, you can implement customized rules to prevent your VPCs from accessing unauthorized domains, to block thousands of known-bad IP addresses, or identify malicious activity using signature-based detection,” writes Channy Yun is a Principal Developer Advocate for AWS. “AWS Network Firewall makes firewall activity visible in real-time via CloudWatch metrics and offers increased visibility of network traffic by sending logs to S3, CloudWatch and Kinesis Firehose. Network Firewall is integrated with AWS Firewall Manager, giving customers who use AWS Organizations a single place to enable and monitor firewall activity across all your VPCs and AWS accounts. Network Firewall is interoperable with your existing security ecosystem, including AWS partners such as CrowdStrike, Palo Alto Networks, and Splunk. You can also import existing rules from community maintained Suricata rulesets.”

    The news is a welcome addition to AWS’ cybersecurity services and will help customers keep their VPCs even safer.

  • Amazon Web Services Gets Billing Alerts

    Amazon Web Services Gets Billing Alerts

    Amazon has just announced that it’s adapted its CloudWatch metrics and alarms functionality to Amazon Web Services Cloud accounts, to help users better track usage and likewise receive billing alerts. With the AWS Cloud running on a pay-as-you-go basis, bills reflect actual usage, which can vary by the hour. Amazon seeks to allow users to better and more easily monitor their activity.

    Here is a screen of the interface:

    was billing metrics

    The following estimated metrics are tracked and logged over a 14 day period:

    Estimated Charges: Total
    Estimated Charges: By Service
    Estimated Charges: By Linked Account (if you are using Consolidated Billing)
    Estimated Charges: By Linked Account and Service (if you are using Consolidated Billing)

    Again, these numbers are merely estimates, based on the cost of one’s AWS usage to date within the current billing cycle, and how they might increase per services used. Users can now set up billing alerts – mainly to track when an account might be exceeding Amazon’s Free Usage Tier. Other uses of the tools include:

    – Relate the billing metrics to business metrics such as customer count, customer acquisition cost, or advertising spending (all of which you could also store in CloudWatch, as custom metrics) and use them to track the relationship between customer activity and resource consumption. You could (and probably should) know exactly how much you are spending on cloud resources per customer per month.

    – Update your alerts dynamically when you change configurations to add or remove cloud resources. You can use the alerts to make sure that a regression or a new feature hasn’t adversely affected your operational costs.

    – Establish and monitor ratios between service costs. You can establish a baseline set of costs, and set alarms on the total charges and on the individual services. Perhaps you know that your processing (EC2) cost is generally 1.5x your database (RDS) cost, which in turn is roughly equal to your storage (S3) cost. Once you have established the baselines, you can easily detect changes that could indicate a change in the way that your system is being used (perhaps your newer users are storing, on average, more data than than the original ones).

    Amazon encourages users to visit their AWS Account Activity page to get started. CloudWatch allows up to 10 alarms and 1,000 notifications via email per month in its free tier range. The upgrade comes soon after Amazon launched the AWS Partner Network (APN).