top of page

NetworkFirewall.5

The default stateless action for Network Firewall policies should be drop or forward for fragmented packets

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

AWS Network Firewall

AWS Foundational Best Practice, NIST.800-53.r5,

This control checks whether a Network Firewall policy has drop or forward as the default stateless action for fragmented packets. The control passes if Drop or Forward is selected; and fails if Pass is selected.

bottom of page