Gain Full Visibility into Your AWS Network Firewall Traffic
Managing cloud security shouldn't be a guessing game, especially when you need to know exactly why traffic is being blocked or allowed across your AWS environment. We understand how frustrating and time-consuming it can be to troubleshoot these visibility gaps. That's why we are thrilled to announce that Kentik Cloud now supports the ingestion of AWS Network Firewall (ANF) logs.
By integrating this service-based firewall data, Kentik provides you with deep observability into traffic moving into, out of, and across your AWS environment, including critical metadata not found in standard VPC flow logs. This integration empowers your team for proactive network security management by bringing enriched ANF flow logs, alert logs, and firewall metrics all into a single view with the most relevant network context from your AWS environment.
- Pinpoint Blocked Traffic: Quickly identify exactly what traffic is being blocked and why, allowing you to make informed decisions to either whitelist legitimate traffic or address unauthorized attempts immediately.
- Add Context to your Security Policies: Gain comprehensive visibility into specific firewalls, policies, and rules. You can now easily see and audit which traffic is traversing specific firewall rulesets to ensure your security posture aligns with your intended policy.
- Streamline Connectivity Analysis: Visualize the network paths across your AWS environment, ensuring that you have clarity on firewalls, security groups, and network ACLs that are all contributing to a potential connectivity blockage.
What's new?
Network firewalls are a critical part of your cloud network architecture, so it was important that we first provide the relevant context about those ANF connections in the Kentik Map. This also provides important metadata about the Firewall Attachments, Firewall Rule Groups, and all of the connections from VPCs, subnets, Transit Gateways, and more.
For troubleshooting, it was equally important that this firewall metadata be used for path analysis across your AWS network. We added AWS Network Firewall details to Kentik Cloud Pathfinder, including direct links into the AWS Console for firewall rule configuration.
Finally, we wanted to surface the enriched ANF flow and alert log data so that traffic analysis is a first-class experience in Kentik Data Explorer. Now you can use ANF-provided log dimensions along with Kentik's enrichment engine to look at specific dropped flows and see which VPC, region, and application they come from.
How do I get started?
Ready to get more out of your AWS Network Firewall visibility? Log in to the Kentik Portal today to enable AWS Network Firewall log ingestion as part of your Kentik Cloud Export. For step-by-step configuration details, check out our Knowledge Base article on integrating AWS Network Firewall logs.