NACL and Security Groups
Learn about the network firewalls to secure and manage your network’s incoming and outgoing traffic at the instance and subnet levels.
Network access control lists (NACLs) and security groups are two types of firewalls that control network traffic. Security groups are stateful firewalls: they inspect incoming traffic and maintain the state of the connections they allow. We only need to configure rules for the incoming traffic, and the stateful firewall automatically allows the corresponding outgoing response traffic. NACLs are stateless firewalls that check the source, destination, and other parameters against their rules to allow or reject traffic.
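The stateful/stateless difference described above, as an added example that is not part of the original lesson: a simplified Python model (allow rules only, no AWS API calls). The class names, the client addresses, the rule sets and the 1024-65535 ephemeral port range are constructed sample values.

```python
from ipaddress import ip_address, ip_network

def matches(rules, peer, port):
    """True if peer/port falls inside any (CIDR, low port, high port) allow rule."""
    return any(ip_address(peer) in ip_network(cidr) and lo <= port <= hi
               for cidr, lo, hi in rules)

class SecurityGroup:
    """Stateful model: connections admitted inbound are tracked, replies follow them."""
    def __init__(self, inbound, outbound=()):
        self.inbound, self.outbound = inbound, outbound
        self.tracked = set()                      # (client ip, client port, local port)
    def packet_in(self, client, cport, lport):
        if matches(self.inbound, client, lport):
            self.tracked.add((client, cport, lport))
            return True
        return False
    def packet_out(self, client, cport, lport):
        # A reply to a tracked connection passes even with no outbound rule.
        return (client, cport, lport) in self.tracked or matches(self.outbound, client, cport)

class Nacl:
    """Stateless model: each direction is judged by its own rules, nothing is remembered."""
    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound
    def packet_in(self, client, cport, lport):
        return matches(self.inbound, client, lport)
    def packet_out(self, client, cport, lport):
        return matches(self.outbound, client, cport)

def demo():
    client, cport = "203.0.113.10", 50000         # constructed sample client
    https_in = [("0.0.0.0/0", 443, 443)]
    sg = SecurityGroup(inbound=https_in)          # hypothetical group with no outbound rules
    nacl_in_only = Nacl(inbound=https_in, outbound=[])
    nacl_both = Nacl(inbound=https_in, outbound=[("0.0.0.0/0", 1024, 65535)])
    return {
        "sg_request": sg.packet_in(client, cport, 443),
        "sg_reply": sg.packet_out(client, cport, 443),
        "sg_ssh_request": sg.packet_in(client, cport, 22),
        "sg_unsolicited_out": sg.packet_out("198.51.100.7", 50000, 443),
        "nacl_in_only_request": nacl_in_only.packet_in(client, cport, 443),
        "nacl_in_only_reply": nacl_in_only.packet_out(client, cport, 443),
        "nacl_both_reply": nacl_both.packet_out(client, cport, 443),
    }

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {'ALLOW' if allowed else 'DENY'}")
```

The security group lets the reply out because it remembers the connection, while the NACL with only an inbound rule drops the same reply until an outbound rule covering the client's port is added.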
Security groups
In the AWS environment, a security group is a VPC-based resource that works at the EC2 instance level. It validates the incoming traffic and allows only the connection requests permitted by the inbound rules. We specify a security group to secure our EC2 instance; if no security group is selected, EC2 uses the default security group of the VPC. The default security group has no inbound rules and allows all outbound traffic.
The “Source” column specifies where the incoming traffic originates. The security group automatically allows the outbound response to this traffic.
NACLs
A network access control list (NACL) is a VPC-based firewall that works on the subnet level and controls the ingress and egress ...