Generating a plan for routing updates for discovered resources at networks with deployed firewalls

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Shridharan Chandramouli · Newcastle, US
• Andrew Chen · Troy, US
• Adhish Bhobe · Sammamish, US
• Shuaijie Wang · Bellevue, US
• Maritza Mills · Reston, US
• Siman Huang · Bellevue, US
• Yi-Ting Chen · Sunnyvale, US
• Xiangpeng Li · Redmond, US
• Kunal Pandit · Maple Ridge, CA

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A firewall manager automates traffic route configuration, compliance monitoring, and remediation. An administrator specifies a firewall policy that includes rules and traffic description, and specifies accounts, isolated virtual networks (IVNs) and/or subnets for firewall deployment. For automated traffic route configuration, the manager provisions and configures firewalls for the specified networks. The manager uses discovered network resource of the specified networks to determine route information for the firewalls for the networks for the traffic, and sends instructions for routing updates for the IVNs to an IVN manager service. For compliance monitoring and remediation, the manager obtains information about new IVNs, subnets, resources and/or routes, and determines compliance by comparing the obtained information to the firewall policy. The manager generates a remediation plan for non-compliance and instructs remediation by performing programmatic calls to the IVN manager service.