More Info:

This rule checks whether an AWS Network Firewall policy is configured with a user-defined stateless default action for fragmented packets. The rule is non-compliant if the policy's stateless default action for fragmented packets does not match the user-defined default action.
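
The comparison this rule performs, as an added Python example (not the rule's own code) run against constructed responses in the shape returned by `describe-firewall-policy`. It assumes the match is made on the standard action in `StatelessFragmentDefaultActions` and that custom action names listed beside it are ignored; the policy names and `FragmentDropMetric` are made up.

```python
# Added example, not the rule's implementation. Sample policies are constructed.
STANDARD_ACTIONS = {"aws:pass", "aws:drop", "aws:forward_to_sfe"}


def fragment_default_action(response):
    """Return the single standard action applied to fragments, or None."""
    actions = response.get("FirewallPolicy", {}).get("StatelessFragmentDefaultActions") or []
    # Assumption: custom action names (e.g. a metrics publisher) are ignored.
    standard = [a for a in actions if a in STANDARD_ACTIONS]
    # Missing or ambiguous settings are reported as None, never guessed.
    return standard[0] if len(standard) == 1 else None


def evaluate(response, expected_action):
    """Compare a policy's fragment default action with the user-defined one."""
    if expected_action not in STANDARD_ACTIONS:
        raise ValueError(f"unsupported expected action: {expected_action!r}")
    actual = fragment_default_action(response)
    name = response.get("FirewallPolicyResponse", {}).get("FirewallPolicyName", "<unknown>")
    status = "COMPLIANT" if actual == expected_action else "NON_COMPLIANT"
    return {"policy": name, "actual": actual, "status": status}


def _policy(name, full_packets, fragments):
    """Build a constructed response in the shape of describe-firewall-policy."""
    body = {"StatelessDefaultActions": full_packets}
    if fragments is not None:
        body["StatelessFragmentDefaultActions"] = fragments
    return {"FirewallPolicyResponse": {"FirewallPolicyName": name}, "FirewallPolicy": body}


SAMPLE_POLICIES = [
    _policy("edge-drop-fragments", ["aws:forward_to_sfe"], ["aws:drop", "FragmentDropMetric"]),
    _policy("legacy-pass-fragments", ["aws:forward_to_sfe"], ["aws:pass"]),
    _policy("fragments-unset", ["aws:forward_to_sfe"], None),
]

if __name__ == "__main__":
    for sample in SAMPLE_POLICIES:
        print(evaluate(sample, "aws:drop"))
```

The second sample shows the case the rule exists for: full packets are forwarded to the stateful engine while fragments take a different default action.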

Risk Level

Medium

Address

Security

Compliance Standards

CBP

Triage and Remediation

Remediation

Using Console