Amazon managed rule groups in Amazon Network Firewall - Amazon Network Firewall
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon managed rule groups in Amazon Network Firewall

Managed rule groups are collections of predefined, ready-to-use rules that Amazon writes and maintains for you. Most Amazon managed rule groups are available for at no additional to Network Firewall customers. The managed rule groups offered by Network Firewall combine thorough security coverage with the convenience and experitise of Amazon managed solutions.

You can select one or more of the following rule groups to use in your Network Firewall policies:

  • Active threat defense managed rule groups – protect against active threats tracked by Amazon threat intelligence.

  • Domain and IP managed rule groups – protect against domains known or suspected to be associated with malware or bots.

  • Threat signature managed rule groups – inspect for and defend against signatures that represent a variety of known threat categories.

Each set of managed rule groups counts as a single rule group toward the maximum number of stateful rule groups per firewall policy.

The following topics provide more details about the Amazon managed rule groups supported by Network Firewall and how you can configure them to meet your security needs.

Topics