This article introduces AWS Network Firewall proxy (preview), a managed proxy service that simplifies egress traffic security by eliminating self-managed proxy deployment and scaling challenges.

• Integrated with NAT Gateway; filters traffic before reaching Internet, AWS, or on-premises destinations
• Inspects traffic at three phases: PreDNS, PreRequest, and PostResponse for granular policy control
• Supports optional TLS interception for HTTP-layer inspection or pass-through for end-to-end encryption
• Setup requires: create rule groups, configure proxy with NAT Gateway, explicitly configure client applications
• Supports distributed or centralized deployment models across multiple VPCs using endpoints or Transit Gateway
• Can combine with traditional firewalling for mixed HTTP and non-HTTP traffic handling
• Currently supports HTTP/HTTPS traffic only; IPv4 only in preview

Network Firewall proxy provides managed egress security with flexible deployment patterns, reducing operational overhead for organizations controlling outbound access.