Wählen Sie Ihre Cookie-Einstellungen aus

Wir verwenden essentielle Cookies und ähnliche Tools, die für die Bereitstellung unserer Website und Services erforderlich sind. Wir verwenden Performance-Cookies, um anonyme Statistiken zu sammeln, damit wir verstehen können, wie Kunden unsere Website nutzen, und Verbesserungen vornehmen können. Essentielle Cookies können nicht deaktiviert werden, aber Sie können auf „Anpassen“ oder „Ablehnen“ klicken, um Performance-Cookies abzulehnen.

Wenn Sie damit einverstanden sind, verwenden AWS und zugelassene Drittanbieter auch Cookies, um nützliche Features der Website bereitzustellen, Ihre Präferenzen zu speichern und relevante Inhalte, einschließlich relevanter Werbung, anzuzeigen. Um alle nicht notwendigen Cookies zu akzeptieren oder abzulehnen, klicken Sie auf „Akzeptieren“ oder „Ablehnen“. Um detailliertere Entscheidungen zu treffen, klicken Sie auf „Anpassen“.

Präferenzen
Kontakt
Feedback
AWS Documentation
AWS-Konto erstellen

Rule groups in AWS Network Firewall

PDF
RSS
Fokusmodus
Rule groups in AWS Network Firewall - AWS Network Firewall
Diese Seite wurde nicht in Ihre Sprache übersetzt. Übersetzung anfragen

This section provides guidance for creating and managing your own rule groups in AWS Network Firewall.

A Network Firewall rule group is a reusable set of criteria for inspecting and handling network traffic. You add one or more rule groups to a firewall policy as part of policy configuration. For more information about firewall policies and firewalls, see Firewall policies in AWS Network Firewall and Firewalls in AWS Network Firewall.

You can use your own rule groups and you can use rule groups that are managed for you by AWS.

Network Firewall rule groups are either stateless or stateful. Stateless rule groups evaluate packets in isolation, while stateful rule groups evaluate them in the context of their traffic flow. You can create and manage the following categories of rule groups in Network Firewall:

  • Stateless – Defines standard network connection attributes for examining a packet on its own, with no additional context.

  • Stateful – Defines criteria for examining a packet in the context of traffic flow and of other traffic that's related to the packet.

    Network Firewall uses a Suricata rules engine to process all stateful rules. You can write any of your stateful rules in Suricata compatible format. Alternately, for domain list rules and for very basic rules, you can use an easy entry form provided by Network Firewall.

    Stateful rule groups are available in the following categories:

    • Suricata compatible rule strings – Provides match and action settings, in Suricata compatible format. You can provide all of your stateful rules through this method if you want to.

    • Domain list – Defines a list of domain names and specifies the protocol type to inspect. You can create these rules from traffic analysis reports. For information, see Creating stateful rule groups from reports.

    • Standard stateful rules – Defines standard network connection attributes for examining a packet within the context of a traffic flow.

Note

This section and others that describe Suricata-based concepts are not intended to replace or duplicate information from the Suricata documentation. For more Suricata-specific information, see the Suricata documentation.

Depending on the type of rule group, you might also define rules inside the rule group. Rules provide detailed criteria for packet inspection and specify what to do when a packet matches the criteria. When Network Firewall finds a match between the criteria and a packet, we say that the packet matches the rule group.

Topics
DatenschutzNutzungsbedingungen für die WebsiteCookie-Einstellungen
© 2025, Amazon Web Services, Inc. oder Tochtergesellschaften. Alle Rechte vorbehalten.