top of page
NetworkFirewall.5
The default stateless action for Network Firewall policies should be drop or forward for fragmented packets
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
AWS Network Firewall
AWS Foundational Best Practice, NIST.800-53.r5,
This control checks whether a Network Firewall policy has drop or forward as the default stateless action for fragmented packets. The control passes if Drop or Forward is selected; and fails if Pass is selected.
bottom of page