Amazon AWS Network Firewall

The JSA DSM for Amazon AWS Network Firewall collects events from an Amazon AWS Network Firewall device by using the Amazon AWS REST API protocol.

Amazon AWS Network Firewall is a stateful network firewall that allows users to filter traffic at the perimeter of their Amazon Virtual Private Cloud (VPC) service.

To integrate Amazon AWS Network Firewall with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of the following RPMs from Juniper Downloads on your JSA Console:

    • Protocol Common RPM

    • AWS S3 REST API PROTOCOL RPM

    • Amazon AWS Network Firewall DSM RPM

  2. Configure your Amazon AWS Network Firewall device to publish alert or flow logs to an S3 bucket.

  3. Create the SQS queue that is used to receive ObjectCreated notifications from the S3 bucket that you used in step 2. For more information, see Create an SQS Queue and Configure S3 ObjectCreated Notifications.

  4. Configure security credentials for your AWS user account. For more information, see Configuring Security Credentials for Your AWS User Account.

  5. Add an Amazon AWS Network Firewall log source on the JSA Console by using the Amazon AWS REST API protocol. For more information, see Amazon AWS S3 REST API Log Source Parameters for Amazon AWS Network Firewall.

    Note:

    To receive flow logs in JSA, a JSA Flow Processor must be available and licensed. Unlike other log sources, AWS Network flow logs are not sent to the Log Activity tab. They are sent to the Network Activity tab.
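
For steps 2 and 3, the queue must accept messages from the log bucket and from nothing else. The following is an added example, not code from Juniper or AWS: it builds a queue access policy and the bucket's ObjectCreated notification, then audits a policy for statements that let other senders reach the queue. The bucket name, queue ARN and account ID are constructed placeholders, and the function names are hypothetical.

```python
import json

def s3_to_sqs_wiring(bucket, queue_arn, account_id):
    """Build the queue access policy and bucket notification for step 3."""
    policy = {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Service": "s3.amazonaws.com"},
            "Action": "sqs:SendMessage",
            "Resource": queue_arn,
            # Pin the sender to the one log bucket in the one account.
            "Condition": {
                "ArnLike": {"aws:SourceArn": f"arn:aws:s3:::{bucket}"},
                "StringEquals": {"aws:SourceAccount": account_id},
            },
        }],
    }
    notification = {"QueueConfigurations": [
        {"QueueArn": queue_arn, "Events": ["s3:ObjectCreated:*"]}]}
    return policy, notification

def as_list(value):
    return [value] if isinstance(value, str) else list(value or [])

def audit_queue_policy(policy, bucket):
    """Return findings for Allow statements that let more than this bucket send."""
    want, findings = f"arn:aws:s3:::{bucket}", []
    for i, st in enumerate(policy.get("Statement", [])):
        actions = as_list(st.get("Action"))
        if st.get("Effect") != "Allow" or not {"sqs:SendMessage", "sqs:*", "*"} & set(actions):
            continue  # statement cannot put messages on the queue
        cond = st.get("Condition", {})
        arn_conds = {**cond.get("ArnLike", {}), **cond.get("ArnEquals", {})}
        if as_list(arn_conds.get("aws:SourceArn")) != [want]:
            findings.append(f"statement {i}: sender not pinned to {want}")
        if actions != ["sqs:SendMessage"]:
            findings.append(f"statement {i}: grants more than sqs:SendMessage")
    return findings

# Constructed placeholders and a constructed weak policy (any principal, any SQS action).
BUCKET, ACCOUNT = "example-nfw-logs", "111122223333"
QUEUE_ARN = f"arn:aws:sqs:us-east-1:{ACCOUNT}:example-nfw-queue"
WEAK_POLICY = {"Statement": [{"Effect": "Allow", "Principal": "*",
                              "Action": "sqs:*", "Resource": QUEUE_ARN}]}

if __name__ == "__main__":
    policy, notification = s3_to_sqs_wiring(BUCKET, QUEUE_ARN, ACCOUNT)
    print(json.dumps([policy, notification], indent=2))
    print(audit_queue_policy(policy, BUCKET), audit_queue_policy(WEAK_POLICY, BUCKET))
```

To audit a live queue, pass the parsed JSON of the queue's `Policy` attribute to `audit_queue_policy`.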