Security Group vs NACL

2024-08-05T01:51:49+00:00

| Security Group | Network Access Control List |
| --- | --- |
| Acts as a firewall for associated Amazon EC2 instances. | Acts as a firewall for associated subnets. |
| Controls both inbound and outbound traffic at the instance level. | Controls both inbound and outbound traffic at the subnet level. |
| You can secure your VPC instances using only security groups. | Network ACLs are an additional layer of defense. |
| Supports allow rules only. | Supports allow rules and deny rules. |
| Stateful (Return traffic is automatically allowed, regardless of any rules). | Stateless (Return traffic must be explicitly allowed by rules). |
| Evaluates all rules before deciding whether to allow traffic. | Evaluates rules [...] |
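
The stateful/stateless and allow/deny rows above, modelled as an added example (not AWS code and not part of the original page). The `Packet`, `Rule`, `SecurityGroup` and `nacl_permits` names, the sample addresses and the 1024-65535 ephemeral port range are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", seen from the instance/subnet
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    number: int     # evaluation order; only the NACL model uses it
    direction: str
    action: str     # "allow" or "deny"
    ports: range    # destination ports the rule covers

def nacl_permits(rules, pkt):
    """Stateless: replies are matched against the rules like any other packet."""
    # AWS evaluates NACL entries in ascending rule-number order; first match wins.
    for r in sorted(rules, key=lambda r: r.number):
        if r.direction == pkt.direction and pkt.dport in r.ports:
            return r.action == "allow"
    return False  # nothing matched: implicit deny

class SecurityGroup:
    """Stateful: allow rules only, plus a table of flows already permitted."""
    def __init__(self, rules):
        if any(r.action != "allow" for r in rules):
            raise ValueError("security groups support allow rules only")
        self.rules, self.flows = list(rules), set()

    def permits(self, pkt):
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return True  # return traffic of a tracked flow, rules not consulted
        if any(r.direction == pkt.direction and pkt.dport in r.ports for r in self.rules):
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        return False

# Constructed sample traffic: an HTTPS request and the server's reply.
REQUEST = Packet("in", "198.51.100.7", 50123, "10.0.1.10", 443)
REPLY = Packet("out", "10.0.1.10", 443, "198.51.100.7", 50123)
HTTPS_IN = Rule(100, "in", "allow", range(443, 444))
EPHEMERAL_OUT = Rule(100, "out", "allow", range(1024, 65536))
```

With only `HTTPS_IN` configured, the security group passes `REPLY` once `REQUEST` has been seen, while the NACL drops it until `EPHEMERAL_OUT` is added.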