💼 [NetworkFirewall.10] Network Firewall firewalls should have subnet change protection enabled
- ID:
/frameworks/aws-fsbp-v1.0.0/network-firewall/10
Description
AWS Network Firewall is a stateful, managed network firewall and intrusion detection service that you can use to inspect and filter traffic to, from, or between your Virtual Private Clouds (VPCs). If you enable subnet change protection for a Network Firewall firewall, you can protect the firewall against accidental changes to the firewall's subnet associations.
Similar
- AWS Security Hub
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks | 54 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-2 Baseline Configuration | 7 | 46 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-2(2) Baseline Configuration _ Automation Support for Accuracy and Currency | 22 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-3 Configuration Change Control | 8 | 17 | 41 | no data | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-5(2) Denial-of-service Protection _ Capacity, Bandwidth, and Redundancy | 24 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS Network Firewall Subnet Change Protection is not enabled🟢 | 1 | 🟢 x6 | no data |