Home
Mapping Frameworks
AWS Home
AWS Network Firewall

AWS aws_network_firewall Mappings

The AWS Network Firewall provides a stateful network firewall and intrusion detection and prevention system (via Suricata) at the perimeter of virtual private clouds (VPCs). It is able to filter traffic going to and coming from an internet gateway, NAT gateway, VPN, or AWS Direct Connect.

Mappings

Capability ID	Capability Description	Category	Value	ATT&CK ID	ATT&CK Name
aws_network_firewall	AWS Network Firewall	protect	significant	T1071	Application Layer Protocol
aws_network_firewall	AWS Network Firewall	protect	significant	T1071.001	Web Protocols
aws_network_firewall	AWS Network Firewall	protect	significant	T1071.002	File Transfer Protocols
aws_network_firewall	AWS Network Firewall	protect	significant	T1071.003	Mail Protocols
aws_network_firewall	AWS Network Firewall	protect	significant	T1071.004	DNS
aws_network_firewall	AWS Network Firewall	protect	partial	T1530	Data from Cloud Storage Object
aws_network_firewall	AWS Network Firewall	protect	partial	T1499	Endpoint Denial of Service
aws_network_firewall	AWS Network Firewall	protect	partial	T1499.001	OS Exhaustion Flood
aws_network_firewall	AWS Network Firewall	protect	partial	T1499.002	Service Exhaustion Flood
aws_network_firewall	AWS Network Firewall	protect	partial	T1499.003	Application Exhaustion Flood
aws_network_firewall	AWS Network Firewall	protect	partial	T1048	Exfiltration Over Alternative Protocol
aws_network_firewall	AWS Network Firewall	protect	partial	T1048.002	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
aws_network_firewall	AWS Network Firewall	protect	partial	T1048.001	Exfiltration Over Symmetric Encrypted Non-C2 Protocol
aws_network_firewall	AWS Network Firewall	protect	partial	T1048.003	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
aws_network_firewall	AWS Network Firewall	protect	significant	T1187	Forced Authentication
aws_network_firewall	AWS Network Firewall	protect	minimal	T1498	Network Denial of Service
aws_network_firewall	AWS Network Firewall	protect	minimal	T1498.001	Direct Network Flood
aws_network_firewall	AWS Network Firewall	protect	minimal	T1498.002	Reflection Amplification
aws_network_firewall	AWS Network Firewall	protect	significant	T1095	Non-Application Layer Protocol
aws_network_firewall	AWS Network Firewall	protect	partial	T1572	Protocol Tunneling
aws_network_firewall	AWS Network Firewall	protect	partial	T1090	Proxy
aws_network_firewall	AWS Network Firewall	protect	partial	T1090.002	External Proxy
aws_network_firewall	AWS Network Firewall	protect	partial	T1090.003	Multi-hop Proxy
aws_network_firewall	AWS Network Firewall	protect	partial	T1219	Remote Access Software
aws_network_firewall	AWS Network Firewall	protect	partial	T1021	Remote Services
aws_network_firewall	AWS Network Firewall	protect	partial	T1021.001	Remote Desktop Protocol
aws_network_firewall	AWS Network Firewall	protect	partial	T1021.002	SMB/Windows Admin Shares
aws_network_firewall	AWS Network Firewall	protect	partial	T1021.004	SSH
aws_network_firewall	AWS Network Firewall	protect	partial	T1021.005	VNC
aws_network_firewall	AWS Network Firewall	protect	partial	T1021.006	Windows Remote Management
aws_network_firewall	AWS Network Firewall	protect	partial	T1205	Traffic Signaling
aws_network_firewall	AWS Network Firewall	protect	partial	T1205.001	Port Knocking
aws_network_firewall	AWS Network Firewall	protect	partial	T1008	Fallback Channels
aws_network_firewall	AWS Network Firewall	protect	partial	T1104	Multi-Stage Channels
aws_network_firewall	AWS Network Firewall	protect	partial	T1046	Network Service Scanning
aws_network_firewall	AWS Network Firewall	protect	partial	T1595	Active Scanning
aws_network_firewall	AWS Network Firewall	protect	partial	T1595.001	Scanning IP Blocks
aws_network_firewall	AWS Network Firewall	protect	partial	T1595.002	Vulnerability Scanning
aws_network_firewall	AWS Network Firewall	protect	significant	T1571	Non-Standard Port
aws_network_firewall	AWS Network Firewall	protect	minimal	T1542	Pre-OS Boot
aws_network_firewall	AWS Network Firewall	protect	partial	T1542.005	TFTP Boot
aws_network_firewall	AWS Network Firewall	protect	partial	T1041	Exfiltration Over C2 Channel
aws_network_firewall	AWS Network Firewall	protect	partial	T1018	Remote System Discovery
aws_network_firewall	AWS Network Firewall	protect	partial	T1133	External Remote Services
aws_network_firewall	AWS Network Firewall	protect	partial	T1590	Gather Victim Network Information
aws_network_firewall	AWS Network Firewall	protect	partial	T1590.001	Domain Properties
aws_network_firewall	AWS Network Firewall	protect	partial	T1590.004	Network Topology
aws_network_firewall	AWS Network Firewall	protect	partial	T1590.005	IP Addresses
aws_network_firewall	AWS Network Firewall	protect	partial	T1590.006	Network Security Appliances