Changes This release introduces the stateless rule analyzer, which enables you to analyze your stateless rules for asymmetric routing.
Changes Network Firewall now supports inspection of outbound SSL/TLS traffic.
Changes This release adds support for the Suricata REJECT option in midstream exception configurations.
Changes AWS Network Firewall now supports policy level HOME_NET variable overrides.
Changes AWS Network Firewall now supports IPv6-only subnets.
Changes AWS Network Firewall added TLS inspection configurations to allow TLS traffic inspection.
Changes Network Firewall now allows creation of dual stack endpoints, enabling inspection of IPv6 traffic.
Changes Network Firewall now supports the Suricata rule action reject, in addition to the actions pass, drop, and alert.
Changes AWS Network Firewall now provides status messages for firewalls to help you troubleshoot when your endpoint fails.
Changes StreamExceptionPolicy configures how AWS Network Firewall processes traffic when a network connection breaks midstream
Changes Network Firewall now supports referencing dynamic IP sets from stateful rule groups, for IP sets stored in Amazon VPC prefix lists.
Changes AWS Network Firewall adds support for stateful threat signature AWS managed rule groups.
Changes AWS Network Firewall now enables customers to use a customer managed AWS KMS key for the encryption of their firewall resources.
Changes This release adds support for managed rule groups.
Changes This release adds support for strict ordering for stateful rule groups. Using strict ordering, stateful rules are evaluated in the exact order in which you provide them.
Changes Added a new UpdateToken output field to the PerObjectStatus as part of firewall sync state. This is added to track which version of the object the firewall is in sync or pending synchronization.
Changes (New Service) AWS Network Firewall is a managed network layer firewall service that makes it easy to secure your virtual private cloud (VPC) networks and block malicious traffic.