Amazon Network Firewall enhances application layer traffic controls
Amazon Network Firewall, a managed service that makes it easy to deploy essential network protections for your Amazon VPCs, now provides enhanced default rules to handle TLS client hellos, and HTTP requests split across multiple packets. This update introduces new application layer drop and alert established default stateful actions, enabling customers to maintain security controls while supporting modern TLS implementations and large HTTP requests.
These enhancements help customers implement robust security policies without writing complex custom rules. Security teams can now effectively inspect and filter traffic where key information is segmented across multiple packets, while maintaining visibility through detailed logging options, making it easier to secure applications using modern protocols and encryption standards.
This capability is available in Amazon Web Services China (Beijing) Region, operated by Sinnet, and Amazon Web Services China (Ningxia) Region, operated by NWCD.
To learn more, refer to Amazon Network Firewall service documentation.