Managing your own rule groups in Amazon Network Firewall
A Network Firewall rule group is a reusable set of criteria for inspecting and handling network traffic. You add one or more rule groups to a firewall policy as part of policy configuration. For more information about firewall policies and firewalls, see Firewall policies and Firewalls and firewall endpoints.
You can use your own rule groups, and you can use rule groups that Amazon manages for you. For information on managed rule groups, see Using Amazon managed rule groups.
Network Firewall rule groups are either stateless or stateful. The rule group type determines how packets are evaluated during network traffic inspection.
Depending on the type of rule group, you might also define rules inside the rule group. Rules provide detailed criteria for packet inspection and specify what to do when a packet matches the criteria. When Network Firewall finds a match between the criteria and a packet, we say that the packet matches the rule group.
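As an added illustration (not code from the Network Firewall documentation), the following Python builds the CreateRuleGroup request for a stateful rule group whose rules are written in the Suricata-compatible format, checking that each rule has the expected shape and a unique sid before the request is sent. The two rules, the rule group name and the one-capacity-unit-per-stateful-rule sizing are assumptions made for the example; only the final call needs boto3 and network access.

```python
import re

# Constructed sample: two Suricata-format stateful rules written for this example.
SAMPLE_RULES = [
    'drop tcp $HOME_NET any -> $EXTERNAL_NET 23 (msg:"Block outbound Telnet"; sid:1000001; rev:1;)',
    'alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"Log outbound HTTP"; sid:1000002; rev:1;)',
]

# Minimal shape check: action, protocol, src, src port, direction, dst, dst port, (options).
_RULE_RE = re.compile(
    r'^(pass|drop|alert|reject)\s+\S+\s+\S+\s+\S+\s+(->|<>)\s+\S+\s+\S+\s*\((.*)\)\s*$'
)


def validate_rules(rules):
    """Return the set of sids if every rule parses and sids are unique; raise otherwise."""
    sids = set()
    for rule in rules:
        m = _RULE_RE.match(rule)
        if not m:
            raise ValueError(f"not a Suricata-style rule: {rule!r}")
        sid = re.search(r'\bsid:\s*(\d+)\s*;', m.group(3))
        if not sid:
            raise ValueError(f"rule has no sid: {rule!r}")
        if int(sid.group(1)) in sids:
            raise ValueError(f"duplicate sid {sid.group(1)}")
        sids.add(int(sid.group(1)))
    return sids


def build_stateful_rule_group(name, rules, headroom=0):
    """Build the CreateRuleGroup request for a stateful rule group.

    Assumes one capacity unit per stateful rule (an assumption for this example);
    headroom reserves room for rules added later, since capacity is fixed at creation.
    """
    validate_rules(rules)
    return {
        "RuleGroupName": name,
        "Type": "STATEFUL",
        "Capacity": len(rules) + headroom,
        "RuleGroup": {"RulesSource": {"RulesString": "\n".join(rules)}},
    }


if __name__ == "__main__":
    import boto3  # only needed to actually create the rule group in your account
    request = build_stateful_rule_group("egress-hygiene", SAMPLE_RULES, headroom=10)
    client = boto3.client("network-firewall")
    print(client.create_rule_group(**request)["RuleGroupResponse"]["RuleGroupArn"])
```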
Follow the guidance in this section to manage your Amazon Network Firewall rule groups.
Note
This section and others that describe Suricata-based concepts are not intended to replace or duplicate information from the Suricata documentation.
For more Suricata-specific information, see the Suricata documentation.