
    DiscrimiNAT Firewall - Old Version

    Deployed on AWS
    Free Trial
    The DiscrimiNAT Firewall is a transparent, proxy-less NAT Gateway alternative to discover & filter egress traffic by FQDNs in a VPC.

    Overview

    GO TO NEW LISTING FOR LATEST VERSION: This listing is now deprecated in favour of the new listing at https://aws.amazon.com/marketplace/pp/prodview-7ulmdnoq5jnwu 

    CONSOLE INTEGRATION

    There are no new UIs to learn: the config is stored directly in Security Groups, and the flow & audit logs go to CloudWatch. Because only AWS APIs are used for interfacing, you will never have to leave the AWS console or introduce new tooling.

    TRANSPARENT OPERATION

    No need to set http_proxy-like environment variables or change any code. Everything in the VPC, from VMs to EKS, Fargate, Lambda and even zero-trust WorkSpaces, will have its egress traffic routed via DiscrimiNAT. Swapping to (and from) AWS NAT Gateway is just a matter of updating the route tables.

    REFINED OPERABILITY

    We are an AWS Gateway Load Balancing Partner for Security Appliances and the DiscrimiNAT runs with high-availability, load-balancing & auto-scaling within your VPC. It's also completely maintenance-free!

    ENTERPRISE READY

    Whether you seek compliance with PCI DSS v4.0 or NIST SP 800-53 AC-4, SC-7 and SC-8, we've got it covered. DiscrimiNAT is hardened to CIS benchmarks, receives quarterly updates (critical OS updates in 10 days) and rolling updates apply with zero downtime.

    1. https://chasersystems.com/blog/log4shell-and-its-traces-in-a-network-egress-filter/
    2. https://chasersystems.com/solutions/daas-ztna/
    3. https://aws.amazon.com/elasticloadbalancing/partners/

    Highlights

    • SPOOFING PREVENTION: Unlike AWS Network Firewall, DiscrimiNAT does conduct out-of-band DNS lookups, so TLS SNI spoofing by supply-chain malware will be logged & stopped. It even supports allowing SSH by FQDNs. The next Log4J won't slip through!
    • FQDN DISCOVERY: Do not know what needs allowing? With the see-thru monitor mode, egress traffic can be logged without blocking; then a CloudWatch query extracts FQDNs accessed. Watch this 3.5 min video on how easy it is: https://youtu.be/63EfQQiirZQ

    Details

    Operating system
    Ubuntu 24.04



    Pricing

    Free trial

    Try this product free for 31 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    Usage costs (10)

    Dimension                 Cost/hour
    t3.small (Recommended)    $0.27
    c6a.xlarge                $0.27
    c6i.large                 $0.27
    c6i.2xlarge               $0.27
    c5.large                  $0.27
    c5.xlarge                 $0.27
    c5.2xlarge                $0.27
    c6a.large                 $0.27
    c6i.xlarge                $0.27
    c6a.2xlarge               $0.27

    Vendor refund policy

    You may terminate the EC2 instance(s) or delete the CloudFormation stack(s) at any time to stop incurring charges. Email devsecops@chasersystems.com for questions on billing.


    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information


    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Support

    Vendor support

    Contact us for expert help at devsecops@chasersystems.com at any stage of your journey; we'll jump on a screen-sharing call right away! Use of your work email is advised so we can provide support in the right context.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison


    Accolades

    Top 50 in Network Infrastructure, Security
    Top 10 in Network Infrastructure


    Overview

    AI generated from product descriptions

    Network Traffic Filtering: Transparent proxy-less NAT Gateway alternative for filtering egress traffic by Fully Qualified Domain Names (FQDNs) in a VPC
    DNS Spoofing Prevention: Conducts out-of-band DNS lookups to prevent TLS SNI spoofing and log potential supply-chain malware attempts
    Traffic Monitoring: Supports monitor mode for logging egress traffic without blocking, with ability to extract accessed FQDNs via CloudWatch queries
    High Availability Architecture: Runs with load-balancing and auto-scaling capabilities within VPC using AWS Gateway Load Balancing Partner framework
    Compliance and Security Hardening: Hardened to CIS benchmarks, supports compliance with PCI DSS v4.0 and NIST SP 800-53 security controls, with quarterly critical OS updates
    Network Traffic Inspection: Advanced layer-7 application visibility and control with comprehensive traffic inspection capabilities
    Threat Prevention Technology: AI/ML-powered security engine with researcher-grade signatures for detecting known and zero-day threats
    Cloud Security Integration: Native integration with AWS infrastructure components including Gateway Load Balancer, Auto Scaling, and Transit VPC
    Dynamic Policy Management: Automated policy application using AWS tags, Application IDs, User IDs, geographies, and network zones
    Deployment Flexibility: Seamless deployment through EC2 instance creation workflow with cloud-native form factor
    Network Traffic Routing: Provides proxied static IP addresses for secure inbound and outbound traffic routing across multiple AWS regions
    Proxy Protocol Support: Supports both HTTP and SOCKS5 proxy protocols with SSL and custom domain capabilities
    High Availability Infrastructure: Implements load-balancing, health monitoring, and automated failover across proxy cluster infrastructure
    Multi-Region Deployment: Available across 8 AWS regions with configurable regional proxy selection for low-latency connectivity
    IP Whitelisting Capability: Enables integration with third-party services requiring static IP address authentication and firewall access control

    Contract

    Standard contract: No

    Customer reviews

    No customer reviews yet