Installing Firewall Analyzer in AWS gives you world-class firewall management for your network while eliminating the need for a physical monitoring server.
You can run Firewall Analyzer in AWS using one of the 2 methods:
Purchase Firewall Analyzer AMI from here.
Note: If you access Firewall Analyzer through the instance's public IP/DNS address, be aware that this address changes when the instance is stopped/terminated. Because network devices must forward syslogs and traps to the Firewall Analyzer server, the public IP has to be updated on the end devices every time it changes. It is therefore recommended to use an Elastic IP address for seamless monitoring. For more details on Elastic IP addresses, click here.
Pre-requisites
Before installing Firewall Analyzer in AWS, ensure that you meet the following pre-requisites:
Important Note:
Ensure that the following ports in your Firewall Analyzer instance are not blocked, so that Firewall Analyzer and its add-ons function properly (this step is a must both when running Firewall Analyzer from the AMI and when running it from an EC2 instance):
Port | Protocol | Port Type | Usage | Remarks |
1514 | UDP | Static (Syslog) | Firewall log receiver port | Firewall syslog receiver port can be changed via Web Client. |
8060 | TCP | Static (Web Server) | Web server port | Can be configured using ChangeWebServerPort.bat file. |
3389 | TCP | Static | | |
4118 | TCP | Static | | |
9990 | TCP | Static | | |
1433 | TCP | Static (MS SQL) | Database port | Can be changed in conf/database_params.conf file / dbconfiguration.bat file. |
161 | TCP | Static (SNMP) | SNMP port | |
69 | TCP | Static | | |
22 | TCP | Static | SSH port | |
13306 | TCP | Static (PostgreSQL) | Database port | Can be changed in conf/database_params.conf file. |
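An added example (not ManageEngine's code): a Python check that compares a security group's inbound rules, in the JSON shape returned by `aws ec2 describe-security-groups`, against the port table above, and reports required ports that have no rule as well as ports reachable from any address. The sample group, the helper names and the decision to flag `0.0.0.0/0` and `::/0` sources for review are assumptions made for illustration.

```python
# (port, protocol) pairs copied from the port table above.
REQUIRED = [(1514, "udp"), (8060, "tcp"), (3389, "tcp"), (4118, "tcp"),
            (9990, "tcp"), (1433, "tcp"), (161, "tcp"), (69, "tcp"),
            (22, "tcp"), (13306, "tcp")]
# Assumption: a rule whose source is "anywhere" deserves a review.
ANYWHERE = {"0.0.0.0/0", "::/0"}


def covers(perm, port, proto):
    """True if one IpPermissions entry admits this port and protocol."""
    if perm["IpProtocol"] == "-1":  # "-1" means every protocol and port
        return True
    return (perm["IpProtocol"] == proto
            and perm.get("FromPort", -1) <= port <= perm.get("ToPort", -1))


def sources(perm):
    """All IPv4 and IPv6 source CIDRs named by one IpPermissions entry."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def audit(group):
    """Return (missing, world_open) lists of (port, protocol) for a group."""
    missing, world_open = [], []
    for port, proto in REQUIRED:
        hits = [p for p in group.get("IpPermissions", [])
                if covers(p, port, proto)]
        if not hits:
            missing.append((port, proto))
        elif any(c in ANYWHERE for p in hits for c in sources(p)):
            world_open.append((port, proto))
    return missing, world_open


def rule(proto, port, cidr):
    """Build one constructed IpPermissions entry for the sample below."""
    return {"IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}


# Constructed sample group; addresses are documentation/private ranges.
SAMPLE_GROUP = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    rule("udp", 1514, "10.0.0.0/16"), rule("tcp", 8060, "0.0.0.0/0"),
    rule("tcp", 9990, "10.0.0.0/16"), rule("tcp", 1433, "0.0.0.0/0"),
    rule("tcp", 22, "203.0.113.10/32")]}

if __name__ == "__main__":
    missing, world_open = audit(SAMPLE_GROUP)
    print("no inbound rule:", missing)
    print("open to any source:", world_open)
```

To audit a real group, pass one element of the `SecurityGroups` list from the CLI's JSON output to `audit()`.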