Know where your VPC traffic is going
Credit to Author: Rich Beckett | Date: Tue, 03 Dec 2019 20:47:05 +0000
When securing VPC traffic we all want a simple, sure-fire route to ensure we don’t accidentally make a private subnet public.
The challenge we face, however, is that it’s been too easy to do just that – with route tables in a VPC that can only be associated with subnets, and no simple way to specify routing rules to direct traffic to subnets through a firewall when entering VPCs.
With complexity like this, who needs enemies?
Security teams need a simple way to tell legitimate destinations for VPC traffic from illegitimate ones, which is important stuff when you need to comply with internal best practices and regulatory standards, oh and to not get hacked.
Extending VPC security with Amazon Web Services and Sophos
We’re so excited, therefore, to team up with Amazon Web Services (AWS) as a Launch Partner for the new Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing capability on Sophos UTM in AWS Marketplace. It gives you tight control over traffic flowing through your AWS cloud environments, protecting your valuable cloud workloads and data from cyberattacks.
This new service helps you simplify the integration of network and security appliances within your network topology. With Amazon VPC Ingress Routing, you can define routing rules at the Internet Gateway (IGW) and Virtual Private Gateway (VGW) to redirect ingress traffic to third-party appliances, before it reaches the final destination. This makes it easier for you to deploy production-grade applications with the networking and security services you require within your Amazon VPC.
Amazon VPC Ingress Routing on Sophos UTM gives you a simple route to securing subnets, with new route table control to explicitly channel north/south traffic flowing in and out of a VPC through your Sophos UTM. This brings visibility to an otherwise shady area of the network, and an additional layer of protection for AWS environments in a powerful all-in-one UTM solution.
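One way to check that the routing described above is actually in place, as an added example (not Sophos or AWS code). It assumes route tables in the shape returned by `aws ec2 describe-route-tables` and that every subnet other than the appliance's own should sit behind the appliance; all IDs and CIDRs are constructed.

```python
import ipaddress

def covering_route(routes, cidr):
    """Longest-prefix IPv4 route in `routes` that covers `cidr`, or None."""
    net = ipaddress.ip_network(cidr)
    hits = [r for r in routes if "DestinationCidrBlock" in r
            and net.subnet_of(ipaddress.ip_network(r["DestinationCidrBlock"]))]
    return max(hits, default=None,
               key=lambda r: ipaddress.ip_network(r["DestinationCidrBlock"]).prefixlen)

def table_for_subnet(route_tables, subnet_id):
    """Explicitly associated route table, else the VPC main table."""
    has = lambda rt, k, v: any(a.get(k) == v for a in rt["Associations"])
    explicit = [rt for rt in route_tables if has(rt, "SubnetId", subnet_id)]
    main = [rt for rt in route_tables if has(rt, "Main", True)]
    return (explicit + main + [None])[0]

def audit(route_tables, subnets, igw_id, appliance_eni, appliance_subnet):
    """Map subnet ID -> findings for subnets whose traffic can skip the appliance."""
    edge_routes = [r for rt in route_tables
                   if any(a.get("GatewayId") == igw_id for a in rt["Associations"])
                   for r in rt["Routes"]]
    report = {}
    for subnet_id, cidr in subnets.items():
        if subnet_id == appliance_subnet:
            continue  # the appliance's own subnet has to face the IGW directly
        findings = []
        steer = covering_route(edge_routes, cidr)
        if not steer or steer.get("NetworkInterfaceId") != appliance_eni:
            findings.append("ingress_unsteered")  # IGW delivers straight to the subnet
        rt = table_for_subnet(route_tables, subnet_id)
        default = covering_route(rt["Routes"], "0.0.0.0/0") if rt else None
        if default and default.get("GatewayId") == igw_id:
            findings.append("egress_direct")  # replies leave without passing the appliance
        if findings:
            report[subnet_id] = findings
    return report

# Constructed sample data (all IDs and CIDRs are made up).
IGW, ENI = "igw-0example", "eni-0appliance"
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
SUBNETS = {"subnet-fw": "10.0.0.0/24", "subnet-app": "10.0.1.0/24", "subnet-old": "10.0.3.0/24"}
ROUTE_TABLES = [
    {"Associations": [{"GatewayId": IGW}],  # edge association: the gateway route table
     "Routes": [LOCAL, {"DestinationCidrBlock": "10.0.1.0/24", "NetworkInterfaceId": ENI}]},
    {"Associations": [{"SubnetId": "subnet-app"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": ENI}]},
    {"Associations": [{"Main": True}],  # main table: used by subnet-fw and subnet-old
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": IGW}]},
]
```

In the sample, `subnet-old` falls back to the main table and has no entry in the gateway route table, so it is reported on both counts.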
Amazon VPC Ingress Routing on Sophos UTM in action
An all-in-one solution, Sophos UTM has been a powerhouse of AWS security for years, providing added layers of security to help protect your AWS environment.
Get granular controls, like logging and reporting with stateful traffic inspection and control, Intrusion Prevention System (IPS), Layer 7 application control, Virtual Private Network (VPN) connectivity, and a web application firewall (WAF). This can all be managed with an easy-to-use web-based console.
Click over to our AWS Resource Center at sophos.com/AWS for more about how Sophos UTM and AWS work together.