Amazon managed rule groups in Amazon Network Firewall
Managed rule groups are collections of predefined, ready-to-use rules that Amazon writes and maintains for you. Most Amazon managed rule groups are available at no additional cost to Network Firewall customers. The managed rule groups offered by Network Firewall combine thorough security coverage with the convenience and expertise of Amazon managed solutions.
You can select one or more of the following rule groups to use in your Network Firewall policies:
- Active threat defense managed rule groups – protect against active threats tracked by Amazon threat intelligence.
- Domain and IP managed rule groups – protect against domains known or suspected to be associated with malware or bots.
- Threat signature managed rule groups – inspect for and defend against signatures that represent a variety of known threat categories.
Each set of managed rule groups counts as a single rule group toward the maximum number of stateful rule groups per firewall policy.
The following topics provide more details about the Amazon managed rule groups supported by Network Firewall and how you can configure them to meet your security needs.
Topics
Amazon domain and IP managed rule groups for Amazon Network Firewall
Amazon threat signature managed rule groups for Amazon Network Firewall
Working with Amazon managed rule groups in the Network Firewall console
Troubleshooting Amazon managed rule groups in Network Firewall
Considerations and disclaimers for using Amazon managed rule groups in Network Firewall