Back to All Checks
Medium NetworkFirewall Regional

The default stateless action for Network Firewall policies should be drop or forward for full packets

NIST

Description

Checks if the default stateless action for full packets in a Network Firewall policy is set to drop or forward.

Remediation

To change the default stateless action for full packets in a Network Firewall policy, see the AWS Network Firewall Developer Guide.

Steps

  1. Navigate to the AWS Network Firewall console.
  2. Select the firewall policy.
  3. Edit the stateless default actions to either Drop or Forward.

Compliance

NIST
Start Your Free Security Check